[rust-dev] Integer overflow, round -2147483648

comex comexk at gmail.com
Mon Jun 23 14:04:38 PDT 2014


On Mon, Jun 23, 2014 at 4:49 PM, Daniel Micay <danielmicay at gmail.com> wrote:
> I don't understand what the problem would be with my proposal to have
> either `checked { }` or checked operators + a lint for unchecked usage.

I don't see 'checked { }' anywhere in the discussion before this
message...  sounds like it should be doable as a macro too.

I think it would be nice to at least make checked arithmetic *really
easy* like that.  For example, I was just analyzing an integer
overflow vulnerability in a tricky C++ function in a low-level
component that parses binary files.  If the component were written in
Rust, because it's low-level, normal memory safety checks might or
might not be sufficient - but since most of it is not terribly
performance sensitive, a good hardening approach would be to liberally
add checked {} around such functions or even the whole file.
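The hardening approach sketched above, as an added example that is not part of the original message or of any Rust proposal: a small binary-header parser whose length computation uses Rust's checked arithmetic, next to the wrapping computation a C-style parser would perform. The header layout, field names and the `overflowing_header` sample are constructed for this example.

```rust
// Constructed layout: u32 LE `count`, u32 LE `entry_size`, then
// count * entry_size bytes of entries. Offsets are kept in u32 so the
// overflow is visible on 64-bit hosts too.
const HEADER_LEN: u32 = 8;

fn read_u32_le(buf: &[u8], off: usize) -> Option<u32> {
    let end = off.checked_add(4)?;
    let b = buf.get(off..end)?;
    Some(u32::from_le_bytes([b[0], b[1], b[2], b[3]]))
}

/// Length the header claims, with checked ops: None on overflow or on a
/// truncated header, so the caller cannot proceed with a wrapped value.
pub fn claimed_len_checked(buf: &[u8]) -> Option<u32> {
    let count = read_u32_le(buf, 0)?;
    let entry_size = read_u32_le(buf, 4)?;
    count.checked_mul(entry_size)?.checked_add(HEADER_LEN)
}

/// The same computation with wrapping ops, i.e. what unsigned C
/// arithmetic silently does; shown for contrast only.
pub fn claimed_len_wrapping(buf: &[u8]) -> Option<u32> {
    let count = read_u32_le(buf, 0)?;
    let entry_size = read_u32_le(buf, 4)?;
    Some(count.wrapping_mul(entry_size).wrapping_add(HEADER_LEN))
}

/// Bounds check a parser runs before touching the entries; relies on the
/// checked length, so an overflowing header is rejected here.
pub fn entries(buf: &[u8]) -> Option<&[u8]> {
    let total = claimed_len_checked(buf)? as usize;
    if total > buf.len() {
        return None;
    }
    Some(&buf[HEADER_LEN as usize..total])
}

/// Constructed sample: count = 0x4000_0000, entry_size = 4, no body.
/// count * entry_size is exactly 2^32, which wraps to 0 in u32.
pub fn overflowing_header() -> Vec<u8> {
    let mut v = 0x4000_0000u32.to_le_bytes().to_vec();
    v.extend_from_slice(&4u32.to_le_bytes());
    v
}

fn main() {
    let hdr = overflowing_header();
    println!("wrapping: {:?}", claimed_len_wrapping(&hdr)); // Some(8): a length check would pass
    println!("checked:  {:?}", claimed_len_checked(&hdr)); // None: header rejected
}
```

With the wrapping variant the claimed length collapses to the header size, so a naive `total <= buf.len()` check passes on an 8-byte file that claims 2^32 bytes of entries; the checked variant refuses the header instead.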
