|
|
|
|
|
|
by kstenerud
251 days ago
|
|
|
Because if max is a calculated value, it could silently wrap around and leave index to cause a buffer overflow. Or if index is counting down, a calculated index could silently wrap around and cause the same issue. And if both are calculated and wrap around, you'll have fun debugging spooky action at a distance! If both are signed, that won't happen. You probably do have a bug if max or index is calculated to a negative value, but it's likely not an exploitable one. |
|
|