On Friday, 9 December 2022 at 02:11:13 UTC, Walter Bright wrote:
> On 12/5/2022 8:35 PM, Siarhei Siamashka wrote:
> Many of the integer overflow bugs are caught by the C++ compiler via UBSAN during the development and never reach the end users.
While that is a good option to have in the compiler, it only keeps a bug from reaching the end users if there is a test case that would trigger the overflow.
https://en.wikipedia.org/wiki/Fuzzing is typically how you get these testcases in the real world. Human beta testers running debug builds with a bunch of extra runtime checks enabled may catch something too.
All of this indeed doesn't guarantee absolute 100% safety and that's the reason why we still see integer overflow security issues showing up in the stats. But without UBSAN actually existing and being actively used, the share of integer overflow issues could have been larger than 2%.
Now imagine some users in a C++ forum discussing the list of security issues in some large D application. Just like H. S. Teoh in the first message of this thread, somebody in this C++ forum could come up with the following statement: "Bounds checking is also sometimes brought up as something important; but at least according to the above categorization it only accounts for X% of issues. So not as big a deal as some may have made it sound." ;-)
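As an added illustration of the point made in this post (this is example code written for this page, not code from the thread or from any project discussed in it): a naive size computation whose signed overflow is undefined behaviour, a checked version built on the GCC/Clang `__builtin_mul_overflow` intrinsic, and two small constructed input corpora. The hand-written corpus never overflows, so a UBSan build run only against it would report nothing; the boundary-value corpus of the kind a fuzzer converges on does. The corpus contents and function names are assumptions made for the example.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <limits.h>

/* Naive size computation of the kind that shows up in real bugs.
 * Signed overflow in count * elem_size is undefined behaviour. Compiled with
 *   cc -fsanitize=signed-integer-overflow -fno-sanitize-recover=all
 * UBSan aborts with a diagnostic the moment an overflowing input is
 * executed; in a plain release build the product silently wraps. */
int naive_total_bytes(int count, int elem_size)
{
    return count * elem_size;
}

/* Checked version: reports overflow on every build, using the GCC/Clang
 * __builtin_mul_overflow intrinsic. Returns true when the product fits. */
bool checked_total_bytes(int count, int elem_size, int *out)
{
    return !__builtin_mul_overflow(count, elem_size, out);
}

/* A corpus is just an array of (count, elem_size) pairs. This stands in for
 * what a test suite or a fuzzer feeds the program; the pairs below are
 * constructed for this example, not taken from any real project. */
struct input { int count; int elem_size; };

/* Typical hand-written unit-test inputs: none of these overflow, so a UBSan
 * build exercised only by this corpus has nothing to report. */
static const struct input handwritten_corpus[] = {
    { 10, 4 }, { 1000, 16 }, { 1 << 20, 64 }, { 0, INT_MAX },
};

/* Boundary values of the kind a fuzzer converges on. */
static const struct input fuzzer_corpus[] = {
    { 46340, 46340 },   /* 2147395600, just below INT_MAX: fits */
    { 46341, 46341 },   /* 2147488281: overflows */
    { 65536, 65536 },   /* 2^32: overflows */
    { INT_MAX, 1 },     /* fits */
    { INT_MAX, 2 },     /* overflows */
};

/* Runs the checked computation over a corpus and returns how many inputs
 * overflow, i.e. how many would have triggered UBSan in naive_total_bytes. */
size_t count_overflowing_inputs(const struct input *corpus, size_t n)
{
    size_t hits = 0;
    for (size_t i = 0; i < n; i++) {
        int total;
        if (!checked_total_bytes(corpus[i].count, corpus[i].elem_size, &total))
            hits++;
    }
    return hits;
}

#define LEN(a) (sizeof(a) / sizeof((a)[0]))

int main(void)
{
    printf("handwritten corpus: %zu overflowing inputs\n",
           count_overflowing_inputs(handwritten_corpus, LEN(handwritten_corpus)));
    printf("fuzzer corpus: %zu overflowing inputs\n",
           count_overflowing_inputs(fuzzer_corpus, LEN(fuzzer_corpus)));
    /* Only a safe input reaches the naive function here. Under UBSan, feeding
     * it fuzzer_corpus[1] would abort the run instead of returning garbage. */
    printf("naive_total_bytes(10, 4) = %d\n", naive_total_bytes(10, 4));
    return 0;
}
```

The checked function is the shape of the fix one ships to users; the UBSan build is what finds the need for it during development, and it only does so on inputs like the second corpus, which is why the fuzzer is the other half of the setup.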