copsarebastards | 10 years ago

That complaint isn't a valid complaint. If the checks relied on undefined behavior, the code wasn't secure. If you want to rely on the behavior of a specific version of a specific compiler, then you need to define that in your dependencies instead of pretending that you've written general-purpose C code. This isn't even just a GCC problem; compiling the code on a different compiler breaks this too.

manawy|10 years ago

Yes, I'm really happy that GCC optimizes that code away.

Most of us don't care about security issues too much when using C/C++. We do use it for performance, and use it mostly locally.

GCC is a very versatile code. It's ok that it makes secure code difficult to write because it's not what most of us are doing. Not being completely secure is ok, not being optimized is not.

copsarebastards|10 years ago

Yeah, I'd go so far as to argue that if you need security, you probably shouldn't be writing C.

quotemstr|10 years ago

It's not GCC's job to break my program just in case I might one day run it on a broken compiler. That's like the fire marshal burning down my house to demonstrate how it violates fire codes.

There's also nothing wrong with writing a C program that rests on a base of POSIX, or the GNU system, and requires stronger guarantees than C alone provides.