[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [oss-security] Controversy and exploitability of gcc issue 30475 |assert(int+100 > int)|




> On 8 Nov 2019, at 12:06, John Haxby <john.haxby AT oracle.com> wrote:
> 
> In this particular case, the assert() will always trigger if the assert is on "a > INT_MAX-100" because that is well defined.   Does ubsan catch this issue?

Answering my own question:

foo.c:6:2: runtime error: signed integer overflow: 2147483647 + 99 cannot be represented in type 'int'
a.out: foo.c:6: foo: Assertion `a+100 > a' failed.

jch

Attachment: signature.asc
Description: Message signed with OpenPGP