public inbox for gcc-bugs@sourceware.org
help / color / mirror / Atom feed
From: "ch3root at openwall dot com" <gcc-bugzilla@gcc.gnu.org>
To: gcc-bugs@gcc.gnu.org
Subject: [Bug c/67999] Wrong optimization of pointer comparisons
Date: Wed, 21 Oct 2015 02:09:00 -0000 [thread overview]
Message-ID: <bug-67999-4-Q9iNOUjjrx@http.gcc.gnu.org/bugzilla/> (raw)
In-Reply-To: <bug-67999-4@http.gcc.gnu.org/bugzilla/>
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=67999
--- Comment #18 from Alexander Cherepanov <ch3root at openwall dot com> ---
I guess nobody doubts that the current situation in gcc+glibc (and clang+glibc)
should be fixed as valid programs are miscompiled. And it's easy to imagine
security consequences of this when buffers have sizes controlled by attackers.
The problem is not limited to the comparisons of the form 'p + a < p', all
comparison of the form 'p + a < p + b' are probably miscompiled. And
subtraction of pointers is problematic too:
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=45779
The issue affects not only all 32-bit platforms (i386, x32, arm, etc.) but also
16-bit ones, right? Or all of them are dead? Recently even 18-bit one was
mentioned...
Whether gcc violates C11 or not is not clear. The standard mostly speaks about
compiler+library. OTOH gcc can be used as a freestanding implementation and
even in a hosted environment, in practice, AIUI there could be external
objects, not from compiler or libc.
Hence IMHO this limitation should at least be documented in a user-visible
place. (The same for libc's: if they cannot deal with huge objects it should be
documented even if they cannot create them.)
next prev parent reply other threads:[~2015-10-21 2:09 UTC|newest]
Thread overview: 24+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <bug-67999-4@http.gcc.gnu.org/bugzilla/>
2015-10-17 8:03 ` glisse at gcc dot gnu.org
2015-10-17 8:14 ` pinskia at gcc dot gnu.org
2015-10-17 8:35 ` schwab@linux-m68k.org
2015-10-17 12:52 ` ch3root at openwall dot com
2015-10-19 2:30 ` danielmicay at gmail dot com
2015-10-19 5:36 ` bugdal at aerifal dot cx
2015-10-19 8:17 ` fw at gcc dot gnu.org
2015-10-19 8:26 ` fw at gcc dot gnu.org
2015-10-19 8:41 ` danielmicay at gmail dot com
2015-10-19 8:47 ` danielmicay at gmail dot com
2015-10-19 9:05 ` fw at gcc dot gnu.org
2015-10-19 9:09 ` fw at gcc dot gnu.org
2015-10-19 9:12 ` danielmicay at gmail dot com
2015-10-19 9:26 ` danielmicay at gmail dot com
2015-10-19 9:55 ` danielmicay at gmail dot com
2015-10-19 9:56 ` rguenth at gcc dot gnu.org
2015-10-19 10:12 ` jakub at gcc dot gnu.org
2015-10-21 2:09 ` ch3root at openwall dot com [this message]
2015-10-21 2:18 ` ch3root at openwall dot com
2015-10-21 3:21 ` danielmicay at gmail dot com
2015-10-28 0:12 ` joseph at codesourcery dot com
2015-10-28 0:20 ` bugdal at aerifal dot cx
2015-10-28 2:29 ` joseph at codesourcery dot com
2015-10-28 18:26 ` ch3root at openwall dot com
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=bug-67999-4-Q9iNOUjjrx@http.gcc.gnu.org/bugzilla/ \
--to=gcc-bugzilla@gcc.gnu.org \
--cc=gcc-bugs@gcc.gnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).