| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
From: full-disclosure at arago.de (Thomas Binder)
Subject: gcc: Internal compiler error: program cc1 got fatal signal 11
Hi!
On Fri, Jan 09, 2004 at 01:33:53PM +0200, Georgi Guninski wrote:
> your arguments don't seem to be consistent with this test ;) :
>
> $ gcc --version
> 2.95.3
> $ cat gcc-no2.c
> int main(void)
> {
> char c="msux"[0x7fffffff];
> printf("%c",c);
> }
> $ gcc gcc-no2.c
>
> compile passes, but the proggie crashes, so "msux"[INDEX]
> doesn't seem to be expanded to char at compile time.
It works for large negative indexes, i.e. try 0x80000000 instead
of 0x7fffffff.
The following "source file" is enough to crash gcc 2.95.x here:
-- snip --
int main()
{
char c = ""[0x80000000];
}
-- snap --
The smallest negative index I was able to use to crash gcc here
with i386-Linux 2.6.0 and gcc-2.95.4 is 0xffe4a9e7 (-1791513) -
interestingly, though, gcc does not crash when using [-1791513]
instead of [0xffe4a9e7].
Also interesting: If I change the funtion name to __main(), gcc
still crashes with 0xffe4a9e7, but with ___main(), the value has
to be changed to 0xffe4a9db (12 bytes "more" negative) to still
crash the compiler.
Ciao
Thomas
--
In every hierarchy the cream rises until it sours.
-- Dr. Laurence J. Peter
Powered by blists - more mailing lists