Phase:The -ftrapv compiler option in gcc and g++ 3.3.3 and earlier does not handle all types of integer overflows, which may leave applications vulnerable to vulnerabilities related to overflows.
ReferencesMLIST:[gcc-bugs] Monday, May 06, 2002 c/6586: -ftrapv doesn't catch multiplication overflow | URL:http://gcc.gnu.org/ml/gcc-bugs/2002-05/msg00198.html | CERT-VN:VU#540517 | URL:http://www.kb.cert.org/vuls/id/540517
Votes:Assigned (Thursday, April 21, 2005)
Comments:None (candidate not yet proposed)
F7: