|
|
BugTraq
gcc 4.1 bug miscompiles pointer range checks, may place you at risk Apr 17 2006 08:03PM Felix von Leitner (felix-bugtraq fefe de) (6 replies) Re: gcc 4.1 bug miscompiles pointer range checks, may place you at risk Apr 18 2006 07:16PM Florian Weimer (fw deneb enyo de) Re: gcc 4.1 bug miscompiles pointer range checks, may place you at risk Apr 18 2006 09:21AM Gabor Gombas (gombasg sztaki hu) Re: gcc 4.1 bug miscompiles pointer range checks, may place you at risk Apr 18 2006 07:45AM Alexander Klimov (alserkli inbox ru) Re: gcc 4.1 bug miscompiles pointer range checks, may place you at risk Apr 18 2006 12:15AM Nate Eldredge (nge cs hmc edu) Re: gcc 4.1 bug miscompiles pointer range checks, may place you at risk Apr 17 2006 11:57PM Michael Chamberlain (michael chamberlain net au) |
|
Privacy Statement |
> I wrote a small library of functions to do typical range checks as they
> are needed in code that handles incoming packets or messages from
> untrusted sources. My impetus was SMB code, in case you want to know.
>
> Here is one of my functions:
>
> static inline int range_ptrinbuf(const void* buf,unsigned long len,const void* ptr) {
> register const char* c=(const char*)buf; /* no pointer arithmetic on void* */
> return (c && c+len>c && (const char*)ptr-c<len);
> }
>
> Of course, when developing security critical code like this, you also
> write a good test suite for it, that exercises all the cases. Here is
> part of my test suite:
>
> assert(range_ptrinbuf(buf,(unsigned long)-1,buf+1)==0);
>
Overflow tests are hard to get right in a platform-independent way.
What if your sizeof(ptrdiff_t) != sizeof(unsigned long)?
And what do think about this:
http://c0x.coding-guidelines.com/6.5.6.html#1160
? Can we be sure ptr-c is defined? Even when ptr < buf? Even when
ptr > c + len + 1?
[ reply ]