Full Disclosure mailing list archives
Re: Major gcc 4.1.1 and up security issue
From: Valdis.Kletnieks () vt edu
Date: Tue, 16 Jan 2007 12:36:43 -0500
On Mon, 15 Jan 2007 21:07:40 +0100, Felix von Leitner said:
> So, in my gnupg diff, I used code like this: assert(a+100 > a);
Note that if 'a' is a macro with side effects (the ++ and -- operators are particularly famous for this), you may just have seriously buggered the program while trying to secure it.
> I opened a gcc bug for this. They told me that the C standard says integer overflow for signed integers is undefined and therefore gcc is right in doing this.
Unfortunately, they're totally right.
> I'm saying this will break tons of security checks in existing applications and will get people to get 0wned. Please help make the gcc people fix this!
Probably not - a lot of programmers use 'unsigned int' specifically to avoid the sorts of problems you're seeing here. Or they learn to code their tests correctly.
Freebie related floating-point testing issue:
    int thesame(float a, float b) { if (a == b) return 0; else return 1; }
    ...
    float x = 1.15, y = 3.30;
    foo = thesame(2.0*x,y);
This will produce incorrect results on some machines due to rounding error (twice 1.15 will likely be a bit or two different than 3.30). As Fortran geeks have known for over half a century, a better way to code this is:
    if (abs(a-b) < n*epsilon*a)
where 'epsilon' is the hardware constant defining the smallest number such that 1+a is different from 1, and 'n' controls how many significant digits we require in the test.
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
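Added example, not part of the original message or of the gcc or gnupg sources: the overflow test quoted in the thread next to forms whose result is defined by the C standard, including the unsigned variant the reply mentions. All function names are hypothetical.

```c
#include <limits.h>
#include <stdbool.h>
#include <stdio.h>

/* Added illustration; all function names here are hypothetical. */

/* The pattern quoted in the thread. Signed overflow is undefined, so the
 * compiler may assume a+100 never wraps and fold this to "return true".
 * Kept for comparison only; it is never called here. */
bool fits_ub(int a) { return a + 100 > a; }

/* Well-defined replacement: test against the limits before adding. */
bool add_would_overflow(int a, int b)
{
    if (b > 0) return a > INT_MAX - b;
    if (b < 0) return a < INT_MIN - b;
    return false;
}

/* Checked add: on overflow returns false and leaves *out untouched. */
bool checked_add(int a, int b, int *out)
{
    if (add_would_overflow(a, b)) return false;
    *out = a + b;
    return true;
}

/* Unsigned arithmetic wraps modulo 2^N by definition, so the
 * "did the sum get smaller" test is legal for unsigned operands. */
bool uadd_wraps(unsigned a, unsigned b) { return a + b < a; }

/* Typical bounds check: is [off, off+len) inside a buffer of cap bytes?
 * Written with a subtraction so that no intermediate can overflow. */
bool range_ok(int off, int len, int cap)
{
    if (off < 0 || len < 0 || cap < 0) return false;
    return off <= cap && len <= cap - off;
}

int main(void)
{
    int sum = 0;
    bool ok = checked_add(40, 2, &sum);
    printf("INT_MAX + 100 overflows: %d\n", add_would_overflow(INT_MAX, 100));
    printf("checked_add(40, 2): ok=%d sum=%d\n", ok, sum);
    printf("UINT_MAX + 1 wraps: %d\n", uadd_wraps(UINT_MAX, 1u));
    printf("range_ok(10, INT_MAX, 100): %d\n", range_ok(10, INT_MAX, 100));
    return 0;
}
```

GCC's -fwrapv option makes signed overflow wrap, and newer GCC and Clang releases offer __builtin_add_overflow, but the limit comparison above is portable C and does not depend on compiler flags.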