← Back to context Comment by dullcrisp 5 hours ago You think no one checks if their arithmetic overflows? 2 comments dullcrisp Reply Spivak 4 hours ago I'm sure it's not literally no one but I bet the percent of additions that have explicit checks for overflow is for all practical purposes indistinguishable from 0. nox101 2 hours ago Lots of secure code checks for overflow fillBufferWithData(buffer, data, offset, size) You want to know that offset + size don't wrap past 32bits (or 64) and end up with nonsense and a security vulnerability.
Spivak 4 hours ago I'm sure it's not literally no one but I bet the percent of additions that have explicit checks for overflow is for all practical purposes indistinguishable from 0. nox101 2 hours ago Lots of secure code checks for overflow fillBufferWithData(buffer, data, offset, size) You want to know that offset + size don't wrap past 32bits (or 64) and end up with nonsense and a security vulnerability.
nox101 2 hours ago Lots of secure code checks for overflow fillBufferWithData(buffer, data, offset, size) You want to know that offset + size don't wrap past 32bits (or 64) and end up with nonsense and a security vulnerability.
I'm sure it's not literally no one but I bet the percent of additions that have explicit checks for overflow is for all practical purposes indistinguishable from 0.
Lots of secure code checks for overflow
You want to know that offset + size don't wrap past 32bits (or 64) and end up with nonsense and a security vulnerability.