Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Mon, 13 Jul 2015 03:19:14 +0300
From: Solar Designer <solar@...nwall.com>
To: oss-security@...ts.openwall.com
Subject: Re: How serious is undefined behavior?

On Mon, Jul 06, 2015 at 06:17:34PM +0200, Hanno B??ck wrote:
> However I wonder how practically relevant these issues are and also
> how much focus should be given to them.

Related:

"What is C in practice? (Cerberus survey): Analysis of Responses"
http://www.cl.cam.ac.uk/~pes20/cerberus/notes50-2015-05-24-survey-discussion.html

A productive direction may be for the free software community (or an
even wider community, if possible) to agree on de facto mainstream C
standard, where certain kinds of UB and such would in fact be defined in
specific ways.

There would still remain many kinds of UB and such, but fewer of them
and the easier avoidable ones.

As things currently are, non-trivial programs sort of have to make
certain assumptions beyond what's guaranteed by C standards anyway.

Alexander

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ