Lints, Condate and bugs
Kagamin
spam at here.lot
Wed Nov 3 01:09:20 PDT 2010
Walter Bright Wrote:
> > Every time I am comparing a signed with an unsigned I have an overflow risk
> > in D.
>
> Not every time, no. In fact, it's rare. I believe you are *way* overstating the
> case. If you were right I'd be reading all the time about integer overflow bugs,
> not buffer overflow bugs.
BTW, numeric overflow checks are not enabled by default in the C# compiler. Though, once or twice I need to have the check, and C# helps me here. Just like you put asserts, you can put overflow checks. And you can prove to yourself why language-integrated asserts are helpful.
> Find any places actually vulnerable to a
> signed/unsigned error or overflow error (not theoretically vulnerable). For
> example, an overflow that would not happen unless the program had run out of
> memory long before is not an actual bug. The index into the vtable[] is not
> going to overflow. The line number counter is not going to overflow. The number
> of parameters is not going to overflow. There are also some places with overflow
> checks, like in turning numeric literals into binary.
Are they signed? If they're not going to overflow, they don't need to be unsigned.