This is the mail archive of the
gcc-bugs@gcc.gnu.org
mailing list for the GCC project.
[Bug c/68065] Size calculations for VLAs can overflow
- From: "danielmicay at gmail dot com" <gcc-bugzilla at gcc dot gnu dot org>
- To: gcc-bugs at gcc dot gnu dot org
- Date: Tue, 27 Oct 2015 18:29:28 +0000
- Subject: [Bug c/68065] Size calculations for VLAs can overflow
- Auto-submitted: auto-generated
- References: <bug-68065-4 at http dot gcc dot gnu dot org/bugzilla/>
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=68065
Daniel Micay <danielmicay at gmail dot com> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |danielmicay at gmail dot com
--- Comment #9 from Daniel Micay <danielmicay at gmail dot com> ---
> VLA also does not detect stack overflows either.
Stack overflows are detected with -fstack-check, or at least they would be if
the option worked properly: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=66479
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=65958
I've always found it quite bad that well-defined code with GCC can actually be
exploited (arbitrary write vulnerabilities) due to the fact that -fstack-check
is not enabled by default. MSVC++ and Clang on Windows guarantee that stack
overflows from well-defined code (large stack frames, VLAs) will be caught.
However, the switch seems to cause a significant performance hit for functions
where it triggers (which are rare but sometimes performance critical, a good
example is jemalloc's rbtree implementation which uses arrays rather than
recursion) and compatibility issues due to the way it's currently implemented:
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=67265/.