Home page logo

bugtraq logo Bugtraq mailing list archives

Re: gcc 4.1 bug miscompiles pointer range checks, may place you at risk
From: jat-public01 () jaet org
Date: 18 Apr 2006 15:44:18 -0000

Are you certain that should fail?

(unsigned long)-1 is a word with all bits set (on a twos-complement machine), so I believe the result should be 
undefined with regard to overflow adding a pointer.

It certainly seems reasonable for a compiler to optimize away a test for a pointer in the range of p to p+MAXINT-1, if 
p has the same number of bits as MAXINT.

If you really want to test for negative buffer sizes, you need to declare the length as long rather than unsigned long.

John Tamplin

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]