This is the mail archive of the gcc@gcc.gnu.org mailing list for the GCC project.
Re: Buffer Overflow Attacks
- To: mrs at windriver dot com (mike stump)
- Subject: Re: Buffer Overflow Attacks
- From: Joe Buck <jbuck at synopsys dot COM>
- Date: Thu, 1 Nov 2001 08:21:06 -0800 (PST)
- Cc: fw at deneb dot enyo dot de, eager at mvista dot com, gcc at gcc dot gnu dot org, jsm28 at cam dot ac dot uk
> > To: mike stump <mrs@windriver.com>
> > Cc: eager@mvista.com, gcc@gcc.gnu.org, jsm28@cam.ac.uk
> > From: Florian Weimer <fw@deneb.enyo.de>
> > Date: Wed, 31 Oct 2001 19:23:54 +0100
>
> > So I have to retract my original claim that it was impossible to do
> > buffer overflow checks in such cases. After all, a pointer in
> > C-speak (or "address", as in "address-of operator") is not very
> > similar to a machine address.
>
> Off Topic: A pointer in C speak is exactly like a machine address.
> Please show us C code that shows a difference. comp.lang.c is a
> better place for these types of comments.
Pointers have many restrictions that machine addresses do not.
Given

    int foo[23];

C or C++ code that makes any assumptions about, or use of, foo+25 is
not portable, while this is a perfectly valid machine address.

Furthermore, machine addresses (on machines with one memory space) are
totally ordered; C pointers that don't point to the same object or array
are not (consider segmented machines, DSPs with multiple memory banks,
etc).
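
An added example, not part of the original message: bounds checks for int foo[23] written so that they never form foo+25 and never apply < or >= to pointers into different objects. The names range_ok, elem_at, points_into and the object other are hypothetical.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define FOO_LEN 23
static int foo[FOO_LEN];   /* constructed sample array, as in the message */
static int other;          /* constructed: a separate, unrelated object */

/* Range check on integers only: no out-of-range pointer is formed,
   and "len <= cap - off" cannot wrap the way "off + len <= cap" can. */
static int range_ok(size_t off, size_t len, size_t cap)
{
    return off <= cap && len <= cap - off;
}

/* Return &base[idx] for a valid element, else NULL. The index is tested
   before any pointer arithmetic, so base + 25 is never computed. */
static int *elem_at(int *base, size_t cap, size_t idx)
{
    return idx < cap ? base + idx : NULL;
}

/* Does p point at an element of base[0..cap)? Using < or >= on pointers
   into different objects is undefined; == is defined for any two valid
   pointers, so membership is tested by equality (O(cap), but portable). */
static int points_into(const int *p, const int *base, size_t cap)
{
    for (size_t i = 0; i < cap; i++)
        if (p == base + i)
            return 1;
    return 0;
}

int main(void)
{
    printf("range [20,25) in foo: %d\n", range_ok(20, 5, FOO_LEN));
    printf("elem_at(foo, 25):     %p\n", (void *)elem_at(foo, FOO_LEN, 25));
    printf("&foo[5] in foo:       %d\n", points_into(&foo[5], foo, FOO_LEN));
    printf("&other in foo:        %d\n", points_into(&other, foo, FOO_LEN));
    return 0;
}
```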