This is the mail archive of the gcc@gcc.gnu.org mailing list for the GCC project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]

Re: Buffer Overflow Attacks


dewar@gnat.com writes:

> and it is by no means impossible to do this kind of code generation
> for C

According to the language standard, buffer overflow detection for
character pointer types is possible only for buffers which are not
nested in other objects (in struct or union objects).  Overflowing
character buffers has a well-defined effect if the buffer is contained
in an object (and other objects follow the buffer inside this object),
so a C implementation is not free to detect such errors (which is only
possible if the buffer overflow triggers undefined behavior). ;-)


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]