Bug#517714: glibc: possible signed integer overflow in libio/iogetdelim.c

To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: Bug#517714: glibc: possible signed integer overflow in libio/iogetdelim.c
From: Jakub Wilk <ubanus@users.sf.net>
Date: Sun, 1 Mar 2009 17:40:59 +0100
Message-id: <[🔎] 20090301164059.GA668@cavendish.icomputing.pl>
Reply-to: Jakub Wilk <ubanus@users.sf.net>, 517714@bugs.debian.org

Package: libc6
Version: 2.9-3
Severity: minor

An excerpt from gcc manual page:

  -fstrict-overflow

Allow the compiler to assume strict signed overflow rules, dependingon the language being compiled. For C (and C++) this means thatoverflow when doing arithmetic with signed numbers is undefined, whichmeans that the compiler may assume that it will not happen.[...]When this option is in effect any attempt to determine whether anoperation on signed numbers will overflow must be written carefully tonot actually involve overflow.

  [...]
  The -fstrict-overflow option is enabled at levels -O2, -O3, -Os.

(Note that glibc is compiled with -O2 in Debian.)

I guess the following code snippet from libio/iogetdelim.c could serveas an example how *not* to write code, when this option is turned on:


  if (__builtin_expect (cur_len + len + 1 < 0, 0))
    {
      __set_errno (EOVERFLOW);
      result = -1;
      goto unlock_return;
    }

--
Jakub Wilk

Reply to:

Prev by Date: r3351 - glibc-package/branches/eglibc-2.9/debian/patches/any
Next by Date: r3352 - glibc-package/branches/eglibc-2.9/debian/testsuite-checking
Previous by thread: r3351 - glibc-package/branches/eglibc-2.9/debian/patches/any
Next by thread: r3352 - glibc-package/branches/eglibc-2.9/debian/testsuite-checking
Index(es):
- Date
- Thread