oss-sec mailing list archives
Controversy and exploitability of gcc issue 30475 |assert(int+100 > int)|
From: Georgi Guninski <gguninski () gmail com>
Date: Fri, 8 Nov 2019 10:03:44 +0200
There is heated discussion on gcc's bugzilla starting from 2007:
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=30475

and clang is also affected, depending on optimization flags.

PoC is the program at the end.

gcc with all optimization flags optimizes away |assert(a+100 > a)|
even if there is no integer overflow, only signed overflow.

clang fires the assertion with -O0, but also optimizes it away with -O3.

The formal verifier CBMC fires the assertion, which might be of interest
regarding formally verified programs.

Signed integer arithmetic is commonly used even without integer overflows.

Could this compiler issue be a security problem?

Any workarounds?

===poc===
#include <assert.h>
#include <stdio.h>   /* for printf() */

int foo(int a)
{
    /* Signed overflow is undefined behaviour in C, so the optimizer may
     * assume a+100 > a always holds and remove the assert entirely. */
    assert(a+100 > a);
    printf("%d %d\n", a+100, a);
    return a;
}

int main()
{
    foo(100);
    foo(0x7fffffff);   /* INT_MAX: a+100 overflows here */
}
=========

CV: https://j.ludost.net/resumegg.pdf
site: http://www.guninski.com
blog: https://j.ludost.net/blog
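Two ways to write the overflow check in the PoC so that it survives optimization, as an added example that is not part of the original post or the thread: a portable pre-check against INT_MAX that never performs the overflowing addition, and the GCC/clang builtin __builtin_add_overflow, which reports overflow without invoking undefined behaviour. Function names and the input set are my own; the boundary inputs are constructed around the PoC's 0x7fffffff.

```c
#include <limits.h>
#include <stdbool.h>
#include <stddef.h>

/* Portable pre-check: the addition is only performed after proving it
 * cannot overflow, so there is no undefined behaviour for the optimizer
 * to reason away.  Returns false (and leaves *out untouched) when
 * a + 100 would exceed INT_MAX. */
bool add100_precheck(int a, int *out)
{
    if (a > INT_MAX - 100)
        return false;
    *out = a + 100;
    return true;
}

/* Compiler-assisted check: __builtin_add_overflow (GCC >= 5, clang)
 * computes the sum in infinite precision and returns true if it did
 * not fit in tmp.  Same contract as add100_precheck. */
bool add100_builtin(int a, int *out)
{
    int tmp;
    if (__builtin_add_overflow(a, 100, &tmp))
        return false;
    *out = tmp;
    return true;
}

/* Cross-check both approaches over a constructed input set that covers
 * the boundary and the overflowing value from the PoC (0x7fffffff).
 * Returns the number of inputs on which the two methods disagree,
 * i.e. 0 when they are consistent with each other. */
int count_disagreements(void)
{
    static const int inputs[] = { 0, 100, INT_MAX - 101, INT_MAX - 100,
                                  INT_MAX - 99, 0x7fffffff, -100, INT_MIN };
    int disagreements = 0;
    for (size_t i = 0; i < sizeof inputs / sizeof inputs[0]; i++) {
        int r1 = 0, r2 = 0;
        bool ok1 = add100_precheck(inputs[i], &r1);
        bool ok2 = add100_builtin(inputs[i], &r2);
        if (ok1 != ok2 || (ok1 && r1 != r2))
            disagreements++;
    }
    return disagreements;
}

int main(void) { return count_disagreements() ? 1 : 0; }
```

Where the source cannot be changed, GCC and clang also accept -fwrapv (defines signed overflow as two's-complement wrap, so the original a+100 > a comparison is evaluated honestly), -ftrapv (traps on overflow) and -fsanitize=signed-integer-overflow (UBSan diagnostic), at some runtime cost.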