Post Syndicated from corbet original https://lwn.net/Articles/959189/

While the mathematical realm of numbers is infinite, computers are only
able to represent a finite subset of them. That can lead to problems when
arithmetic operations would create numbers that the computer is unable to
store as the intended type. This condition, called “overflow” or
“wraparound” depending on the
context, can be the source of bugs, including unpleasant security
vulnerabilities, so it is worth avoiding. This patch
series from Kees Cook is intended to improve the kernel’s handling of
these situations, but it is running into a bit of resistance.