...
```c
#include <assert.h>
#include <limits.h>
#include <stdio.h>

int foo(int a) {
  /* Intended overflow check: relies on the result of signed overflow,
   * which is undefined behavior, so the compiler may discard it. */
  assert(a + 100 > a);
  printf("%d %d\n", a + 100, a);
  return a;
}

int main(void) {
  foo(100);
  foo(INT_MAX);  /* a + 100 overflows here */
  return 0;
}
```
This code tests for signed integer overflow by checking whether `a + 100 > a`. This test cannot evaluate to false unless an integer overflow occurs. However, because a conforming implementation is not required to generate code for undefined behavior, and signed integer overflow is undefined behavior, this check may be compiled out. For example, gcc version 4.1.1 optimizes out the assertion at all optimization levels, and gcc 4.2.3 optimizes out the assertion for programs compiled with `-O2` level optimization and higher.
...
```c
#include <assert.h>
#include <limits.h>
#include <stdio.h>

int foo(int a) {
  /* Check the precondition before the addition: this comparison never
   * overflows, so the optimizer has no grounds to remove it. */
  assert(a < (INT_MAX - 100));
  printf("%d %d\n", a + 100, a);
  return a;
}

int main(void) {
  foo(100);
  foo(INT_MAX);  /* the assertion now fires instead of being optimized out */
  return 0;
}
```
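The compliant solution only guards `a + 100`. As an added example (not code from the original page), the same idea generalized to any signed addend: the bounds are compared against `INT_MAX` and `INT_MIN` before the sum is computed, so no undefined behavior is ever evaluated and the check survives optimization. The function names `add_overflows` and `checked_add` are this example's own.

```c
#include <limits.h>
#include <stdbool.h>
#include <stdio.h>

/* True when a + b is not representable as int. Neither subtraction
 * below can overflow: INT_MAX - b is evaluated only for b > 0 and
 * INT_MIN - b only for b < 0. */
bool add_overflows(int a, int b) {
  if (b > 0 && a > INT_MAX - b) return true;  /* would exceed INT_MAX */
  if (b < 0 && a < INT_MIN - b) return true;  /* would fall below INT_MIN */
  return false;
}

/* Stores a + b in *result and returns true, or returns false and leaves
 * *result untouched when the sum would overflow. */
bool checked_add(int a, int b, int *result) {
  if (add_overflows(a, b)) return false;
  *result = a + b;  /* safe: the range was verified above */
  return true;
}

/* The page's foo() reworked to report a violated precondition rather than
 * rely on an assertion the compiler may discard. Returns a on success and
 * INT_MIN as an error marker when a + 100 cannot be represented. */
int foo(int a) {
  int sum;
  if (!checked_add(a, 100, &sum)) {
    fprintf(stderr, "foo: %d + 100 would overflow\n", a);
    return INT_MIN;
  }
  printf("%d %d\n", sum, a);
  return a;
}

int main(void) {
  foo(100);      /* prints "200 100" */
  foo(INT_MAX);  /* rejected instead of overflowing */
  return 0;
}
```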
Risk Assessment
Unused values may indicate significant logic errors, possibly resulting in a denial of service condition.
...