Checking for overflows, revisited once
Pascal Cuoq on 12 February 2012

I do not have any solution I am 100% happy with to the overflow dilemma in the previous post. Here is one of the solutions that does not make me 100% happy. The first (partial) solution is: program so that overflows correspond exactly to unwanted circumstances (and then it becomes...

Function realloc() is broken - Not
Pascal Cuoq on 9 February 2012

This post is a sequel to this post, in which I argued that it is not possible to double-free a piece of memory, only to pass indeterminate data (specifically, a dangling pointer) to a function (specifically, free()). Broken This time I am arguing that the standardized function realloc() is broken....

Float vs real
Pascal Cuoq on 9 February 2012

For some reason, uses of real to denote fixed-precision floating-point numbers (in languages such as FORTRAN) irritate me, but uses of integer or int to denote bounded integers do not. One notation isn't more accurate than the other, though. Does anyone have an idea why that might be?

Using the Rte and value analysis plug-ins to detect overflows
Pascal Cuoq on 4 February 2012

This post is another of the methodological cheat cards that made up much of this blog at its beginnings, before I decided that controversial comparisons between static analyzers were more fun to write. The problem: detecting semantic coding rules transgressions By default, Frama-C's value analysis does not warn about integer...
