Typical security issues in C++: why the GC isn't your enemy
Iain Buclaw
ibuclaw at gdcproject.org
Tue Dec 6 11:26:35 UTC 2022
On Tuesday, 6 December 2022 at 04:35:18 UTC, Siarhei Siamashka
wrote:
>
> Many of the integer overflow bugs are caught by the C++
> compiler via UBSAN during the development and never reach the
> end users. While D compilers don't offer any reasonable
> protection. Except for GDC, which supports `-ftrapv` option as
> an undocumented "Easter egg".
It isn't undocumented, and it certainly isn't an easter egg. All
GCC optimization and code generation options are common to all
front-end languages (C/C++/D/Fortran/Go/Rust/...)
It's mentioned right there in the [first
sentence](https://gcc.gnu.org/onlinedocs/gdc/Invoking-gdc.html),
and the [documentation for
-ftrapv](https://gcc.gnu.org/onlinedocs/gcc/Code-Gen-Options.html#index-ftrapv) is just two page links away.
The default behaviour is `-fwrapv` because that is what [the D
spec asks for](https://dlang.org/spec/intro.html#arithmetic)
(also mentioned in the spec for [binary+,
binary-](https://dlang.org/spec/expression.html#add_expressions)
and
[binary*](https://dlang.org/spec/expression.html#mul_expressions)
operators specifically).
More information about the Digitalmars-d
mailing list