Bugtraq mailing list archives
GNU GCC: Optimizer Removes Code Necessary for Security
From: Joseph Wagner <wagnerjd () prodigy net>
Date: 16 Nov 2002 10:04:44 -0000
When optimizing code for "dead store removal" the optimizing compiler may remove code necessary for security. A programmer could erroneously think that his code is secure, even though the securing code is removed from the compiled code. For a full report, including a complete description of the bug, steps necessary to reproduce the problem, a workaround, and sample code, go to: http://gcc.gnu.org/cgi-bin/gnatsweb.pl?cmd=view%20audit- trail&database=gcc&pr=8537
Current thread:
- GNU GCC: Optimizer Removes Code Necessary for Security Joseph Wagner (Nov 19)
- Re: GNU GCC: Optimizer Removes Code Necessary for Security Florian Weimer (Nov 19)