For those interested in some insightful Linux kernel mailing list reading this weekend, there’s been a vibrant discussion about the Linux kernel’s ability to mitigate unexpected arithmetic overflows/underflows/wraparounds.
Kees Cook of Google has been working on how to better deal with unexpected arithmetic overflow bugs within the Linux kernel’s C source code. He’s hoping to see a systematic way for the Linux kernel to deal with such arithmetic overflow/underflow/wraparound problems. Among the initial thinking is to better engage compiler-based sanitizers or to use a recent C language proposal for operator overloading without name mangling. With the latter proposal as a potential solution, C operator overloading could allow for arbitrary handling of overflows within the helpers.
