undefined | Better HN

0 pointsduneroadrunner9y ago0 comments

I haven't read the book. What's the gist of the recommendations for addressing those issues? SaferCPlusPlus addresses the signed/unsigned issue by providing compatible substitutes[1] for "int" and "size_t" that automatically handle it. And it addresses the integer underflow/overflow issue by recommending another compatible "int" substitute[2] and introducing the concept (but not yet the implementation) of "quarantined" types for untrusted input values.

[1] https://github.com/duneroadrunner/SaferCPlusPlus#cint-csize_...

[2] https://github.com/robertramey/safe_numerics

0 comments

hermitdev9y ago

A lot of it involves techniques for detecting that overflow will occur (without actually doing the computation - because in C/C++, once you've signed overflow, you're already into undefined behavior).

j / k navigate · click thread line to collapse

0 pointsduneroadrunner9y ago0 comments

[1] https://github.com/duneroadrunner/SaferCPlusPlus#cint-csize_...

[2] https://github.com/robertramey/safe_numerics

0 comments

hermitdev9y ago

j / k navigate · click thread line to collapse