Date: 18 Apr 2006 15:44:18 -0000
From: jat-public01@...t.org
To: bugtraq@...urityfocus.com
Subject: Re: gcc 4.1 bug miscompiles pointer range checks, may place you at risk

Are you certain that should fail? (unsigned long)-1 is a word with all bits set (on a twos-complement machine), so I believe the result should be undefined with regard to overflow adding a pointer.

It certainly seems reasonable for a compiler to optimize away a test for a pointer in the range of p to p+MAXINT-1, if p has the same number of bits as MAXINT.

If you really want to test for negative buffer sizes, you need to declare the length as long rather than unsigned long.

John Tamplin
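
The kind of check under discussion in this thread, as an added example that is not part of the original message or of any code posted to the list: a wrap-around pointer test that a compiler is entitled to remove, beside two forms that never compute an out-of-range pointer. The function names and the 64-byte buffer are hypothetical.

```c
#include <stddef.h>
#include <stdio.h>

/* Fragile form: relies on buf + len wrapping around. Forming a pointer
 * beyond the end of the object is undefined behaviour, so an optimizer
 * may assume buf + len >= buf and delete the first test. Shown for
 * contrast; it is only called here with an in-range len. */
static int fragile_range_ok(const char *buf, const char *end, unsigned long len)
{
    if (buf + len < buf)   /* wrap test the compiler may remove */
        return 0;
    return buf + len <= end;
}

/* Robust form: compare the length against the space that is left, so no
 * out-of-range pointer is ever formed. Requires buf <= end, both pointing
 * into (or one past) the same object. */
static int range_ok(const char *buf, const char *end, size_t len)
{
    return len <= (size_t)(end - buf);
}

/* Signed-length form: a negative size is rejected explicitly before the
 * same remaining-space comparison. */
static int range_ok_signed(const char *buf, const char *end, long len)
{
    if (len < 0)
        return 0;
    return (size_t)len <= (size_t)(end - buf);
}

int main(void)
{
    char storage[64];                       /* constructed sample buffer */
    const char *end = storage + sizeof storage;

    printf("in range, fragile: %d\n", fragile_range_ok(storage, end, 16));
    printf("in range, robust:  %d\n", range_ok(storage, end, 16));
    printf("huge len, robust:  %d\n", range_ok(storage, end, (size_t)-1));
    printf("negative, signed:  %d\n", range_ok_signed(storage, end, -1));
    return 0;
}
```

Building the fragile form with and without optimization and comparing the generated code shows whether a given compiler keeps the wrap test.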