public inbox for gcc-bugs@sourceware.org help / color / mirror / Atom feed
From: "ch3root at openwall dot com" <gcc-bugzilla@gcc.gnu.org> To: gcc-bugs@gcc.gnu.org Subject: [Bug c/67999] Wrong optimization of pointer comparisons Date: Wed, 21 Oct 2015 02:09:00 -0000 [thread overview] Message-ID: <bug-67999-4-Q9iNOUjjrx@http.gcc.gnu.org/bugzilla/> (raw) In-Reply-To: <bug-67999-4@http.gcc.gnu.org/bugzilla/> https://gcc.gnu.org/bugzilla/show_bug.cgi?id=67999 --- Comment #18 from Alexander Cherepanov <ch3root at openwall dot com> --- I guess nobody doubts that the current situation in gcc+glibc (and clang+glibc) should be fixed as valid programs are miscompiled. And it's easy to imagine security consequences of this when buffers have sizes controlled by attackers. The problem is not limited to the comparisons of the form 'p + a < p', all comparison of the form 'p + a < p + b' are probably miscompiled. And subtraction of pointers is problematic too: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=45779 The issue affects not only all 32-bit platforms (i386, x32, arm, etc.) but also 16-bit ones, right? Or all of them are dead? Recently even 18-bit one was mentioned... Whether gcc violates C11 or not is not clear. The standard mostly speaks about compiler+library. OTOH gcc can be used as a freestanding implementation and even in a hosted environment, in practice, AIUI there could be external objects, not from compiler or libc. Hence IMHO this limitation should at least be documented in a user-visible place. (The same for libc's: if they cannot deal with huge objects it should be documented even if they cannot create them.)
next prev parent reply other threads:[~2015-10-21 2:09 UTC|newest] Thread overview: 24+ messages / expand[flat|nested] mbox.gz Atom feed top [not found] <bug-67999-4@http.gcc.gnu.org/bugzilla/> 2015-10-17 8:03 ` glisse at gcc dot gnu.org 2015-10-17 8:14 ` pinskia at gcc dot gnu.org 2015-10-17 8:35 ` schwab@linux-m68k.org 2015-10-17 12:52 ` ch3root at openwall dot com 2015-10-19 2:30 ` danielmicay at gmail dot com 2015-10-19 5:36 ` bugdal at aerifal dot cx 2015-10-19 8:17 ` fw at gcc dot gnu.org 2015-10-19 8:26 ` fw at gcc dot gnu.org 2015-10-19 8:41 ` danielmicay at gmail dot com 2015-10-19 8:47 ` danielmicay at gmail dot com 2015-10-19 9:05 ` fw at gcc dot gnu.org 2015-10-19 9:09 ` fw at gcc dot gnu.org 2015-10-19 9:12 ` danielmicay at gmail dot com 2015-10-19 9:26 ` danielmicay at gmail dot com 2015-10-19 9:55 ` danielmicay at gmail dot com 2015-10-19 9:56 ` rguenth at gcc dot gnu.org 2015-10-19 10:12 ` jakub at gcc dot gnu.org 2015-10-21 2:09 ` ch3root at openwall dot com [this message] 2015-10-21 2:18 ` ch3root at openwall dot com 2015-10-21 3:21 ` danielmicay at gmail dot com 2015-10-28 0:12 ` joseph at codesourcery dot com 2015-10-28 0:20 ` bugdal at aerifal dot cx 2015-10-28 2:29 ` joseph at codesourcery dot com 2015-10-28 18:26 ` ch3root at openwall dot com
Reply instructions: You may reply publicly to this message via plain-text email using any one of the following methods: * Save the following mbox file, import it into your mail client, and reply-to-all from there: mbox Avoid top-posting and favor interleaved quoting: https://en.wikipedia.org/wiki/Posting_style#Interleaved_style * Reply using the --to, --cc, and --in-reply-to switches of git-send-email(1): git send-email \ --in-reply-to=bug-67999-4-Q9iNOUjjrx@http.gcc.gnu.org/bugzilla/ \ --to=gcc-bugzilla@gcc.gnu.org \ --cc=gcc-bugs@gcc.gnu.org \ /path/to/YOUR_REPLY https://kernel.org/pub/software/scm/git/docs/git-send-email.html * If your mail client supports setting the In-Reply-To header via mailto: links, try the mailto: linkBe sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox; as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).