what about multiplying two singed integers without UB. Even experts sometimes need reference for those. And there's more...
-
-
...which is a lot like disabling safety mechanisms on tools for the sake of being "macho"/saving time/whatever.
-
Unfortunately C has a huge corpus of utterly wrong examples, bad tutorials, bad teachers, etc. that new people learn to do these things from
-
I hate to be blunt, but this is factually incorrect. Even w/o discussing details, code bases by C experts contain UB, crypto code from GOOG>
-
>GCC code from the compiler makers. If it's so easy how come the experts keep making those misatkes, even musl;-) http://www.openwall.com/lists/oss-security/2016/10/19/1 … >
-
Yes, experts do this because they think they're smarter than they are. You can be smart enough once or ten times, but not N times as N→∞.
-
But it's still conscious breaking of simple rules that they (we, me included) should be following.
-
Your musl example was bad because that was one of the few pieces of imported code, but the IPv6 & DNS parsing vulns were real examples.
-
The latter were just me being overly clever & wrong about assuming loop invariants rather than using easily-provably-correct conditions.
- 1 more reply
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.