Bugtraq mailing list archives
RE: gcc 4.1 bug miscompiles pointer range checks, may place you at risk
From: "Michael Wojcik" <Michael.Wojcik () microfocus com>
Date: Mon, 17 Apr 2006 17:06:28 -0700
From: Felix von Leitner [mailto:felix-bugtraq () fefe de] Sent: Monday, 17 April, 2006 16:04 static inline int range_ptrinbuf(const void* buf,unsigned long len,const void* ptr) { register const char* c=(const char*)buf; /* no pointer arithmetic on void* */ return (c && c+len>c && (const char*)ptr-c<len); } ... assert(range_ptrinbuf(buf,(unsigned long)-1,buf+1)==0); Imagine my surprise when this assertion failed.
As far as the C language is concerned, this isn't a compiler "bug". You've created an invalid pointer in "c+len" (the result neither points within the object that includes the location c points to, nor one past it), which invokes Undefined Behavior (ISO 9899:1990 6.5.6 #8). And you've compared two pointers which do not point within the same object ("c+len>c"), which also invokes Undefined Behavior (6.5.8 #5). The behavior of gcc 4.1 in this case might be infelicitous, but it is not, properly speaking, a bug. -- Michael Wojcik Principal Software Systems Developer, Micro Focus
Current thread:
- gcc 4.1 bug miscompiles pointer range checks, may place you at risk Felix von Leitner (Apr 17)
- Re: gcc 4.1 bug miscompiles pointer range checks, may place you at risk Michael Chamberlain (Apr 18)
- Re: gcc 4.1 bug miscompiles pointer range checks, may place you at risk Forrest J. Cavalier III (Apr 18)
- Re: gcc 4.1 bug miscompiles pointer range checks, may place you at risk Alexander Klimov (Apr 18)
- Re: gcc 4.1 bug miscompiles pointer range checks, may place you at risk Florian Weimer (Apr 18)
- Re: gcc 4.1 bug miscompiles pointer range checks, may place you at risk Gabor Gombas (Apr 18)
- Re: gcc 4.1 bug miscompiles pointer range checks, may place you at risk Nate Eldredge (Apr 19)
- <Possible follow-ups>
- RE: gcc 4.1 bug miscompiles pointer range checks, may place you at risk Michael Wojcik (Apr 18)
- Re: gcc 4.1 bug miscompiles pointer range checks, may place you at risk jat-public01 (Apr 18)