oss-sec mailing list archives

Re: gcc 4.2 optimizations and integer overflow checks

From: "Steven M. Christey" <coley () linus mitre org>
Date: Thu, 10 Apr 2008 14:31:13 -0400 (EDT)


On Wed, 9 Apr 2008, Nico Golde wrote:

Hi Steven,
* Steven M. Christey <coley () linus mitre org> [2008-04-07 18:24]:

While an unusual bug, we decided to assign a CVE for it.

[...]
Just stumbled upon CVE-2006-1902, look spretty much the same
to me, is this a dup?


Nice find!

My immediate suspicion is that they're not the same, based solely on
affected versions - CVE-2008-1685 has a specific affected version range
because it changed behaviors in 4.2.0.  Maybe that change came out of
followup analysis stemming from CVE-2006-1902.

But, I'm not completely sure.  Solar?

- Steve

Current thread:

gcc 4.2 optimizations and integer overflow checks Josh Bressers (Apr 07)
- Re: gcc 4.2 optimizations and integer overflow checks Steven M. Christey (Apr 07)
  - Re: gcc 4.2 optimizations and integer overflow checks Nico Golde (Apr 07)
    - Re: gcc 4.2 optimizations and integer overflow checks Solar Designer (Apr 07)
  - Re: gcc 4.2 optimizations and integer overflow checks Nico Golde (Apr 09)
    - Re: gcc 4.2 optimizations and integer overflow checks Steven M. Christey (Apr 10)
    - Re: gcc 4.2 optimizations and integer overflow checks Marcus Meissner (Apr 18)
    - Re: gcc 4.2 optimizations and integer overflow checks Solar Designer (Apr 18)
    - Re: gcc 4.2 optimizations and integer overflow checks Richard Guenther (Apr 20)
  - Re: gcc 4.2 optimizations and integer overflow checks Florian Weimer (Apr 11)
- Re: gcc 4.2 optimizations and integer overflow checks Marcus Meissner (Apr 07)