Me: OpenSSH is one of the most secure apps ever written, even in C C Haters: no it’s not! Several RCE bugs! Me: prove it. Show me a working exploit. *crickets* FUD and Security pedanticism is unbecoming of our insustry, Pals.
you sure you understand your own example? :) there's no UB in your code because 1. the multiplication is done in size_t (due to sizeof), 2. the int->size_t conversion is well defined, 3. the size_t->int conversion is implementation defined.
-
-
You're right of course, this is what's going on. I accidentally demoed a different UB ("implementation defined" is just another way of saying "undefined behaviour").
-
no, it's not, the two are very different. one results in a defined program, the other does not. now whether you like the resulting defined behaviour is another question which is why programmers have the task of, well, doing their job and write programs with desirable behaviour :)
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.
. Besides, having bugs isn’t the issue. Resolving, reducing, and remaining well architected is the point.