oss-sec mailing list archives
Re: CVE Request: Cap'n Proto: Bounds check elided by compiler optimization
From: Kenton Varda <kenton () cloudflare com>
Date: Mon, 17 Apr 2017 10:35:51 -0700
Whoops, apparently I'm supposed to use the web form now. Sorry! -Kenton On Mon, Apr 17, 2017 at 10:32 AM, Kenton Varda <kenton () cloudflare com> wrote:
Hi oss-security and cve-assign, Can you assign a CVE for the following issue? Full details and fix covered here: https://github.com/sandstorm-i o/capnproto/blob/master/security-advisories/2017-04-17-0- apple-clang-elides-bounds-check.mdDiscovered by Kenton VardaSome bounds checks are elided by Apple's compiler and possibly others,leading to a possible attack especially in 32-bit builds.Although triggered by a compiler optimization, this is a bug in Cap'nProto, not the compiler. Thanks, -Kenton
Current thread:
- Re: CVE Request: Cap'n Proto: Bounds check elided by compiler optimization Kenton Varda (Apr 17)
- Re: Re: CVE Request: Cap'n Proto: Bounds check elided by compiler optimization Solar Designer (Apr 17)
- Re: Re: CVE Request: Cap'n Proto: Bounds check elided by compiler optimization Kenton Varda (Apr 17)
- Re: Re: CVE Request: Cap'n Proto: Bounds check elided by compiler optimization Solar Designer (Apr 17)