This is the mail archive of the gcc-bugs@gcc.gnu.org mailing list for the GCC project.
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=67942

Bug ID: 67942
Summary: diagnose placement new buffer overflow
Product: gcc
Version: 6.0
Status: UNCONFIRMED
Severity: normal
Priority: P3
Component: c++
Assignee: unassigned at gcc dot gnu.org
Reporter: msebor at gcc dot gnu.org
Target Milestone: ---

C++ placement new expression is known to be subject to buffer overflow flaws (see for example [1]). For instance, in the program below, the placement new expression writes past the end of the local buffer buf. In many cases of its use (including the one below), GCC has sufficient information to detect and diagnose such defects. This bug tracks the proposed implementation of this detection.

    #include <new>

    struct S { int a [4]; } s;

    void f (S *s)
    {
        char buf [sizeof s];
        S *t = new (buf) S (*s);
        // ...
    }

[1] A New Class of Buffer Overflow Attacks, Kundu, A., Bertino, E., 31st International Conference on Distributed Computing Systems (ICDCS), 2011
    http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=5961725
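
The following is an added example, not part of the original report and not GCC code. It shows why buf in the report is too small (inside f, `sizeof s` measures the pointer parameter, not struct S) and how a size and alignment check in front of placement new rejects such a buffer. The helper names construct_in and construct_at_checked are hypothetical.

```cpp
#include <cstddef>
#include <cstdint>
#include <new>

struct S { int a[4]; };

// Inside f(S *s) the parameter shadows the global object, so `sizeof s`
// is the size of a pointer, while the new-expression needs sizeof(S) bytes.
constexpr std::size_t report_buffer_size() { return sizeof(S *); }
constexpr std::size_t required_size()      { return sizeof(S); }

// Hypothetical helper: placement new into an array whose size is known at
// compile time. An undersized array fails the static_assert and never builds.
template <class T, std::size_t N>
T *construct_in(unsigned char (&buf)[N], const T &src) {
    static_assert(N >= sizeof(T), "buffer too small for placement new");
    // The array address is not a constant, so alignment is checked at run time.
    if (reinterpret_cast<std::uintptr_t>(buf) % alignof(T) != 0) return nullptr;
    return ::new (static_cast<void *>(buf)) T(src);
}

// Hypothetical run-time variant for buffers passed as pointer + length.
template <class T>
T *construct_at_checked(void *buf, std::size_t len, const T &src) {
    if (buf == nullptr || len < sizeof(T)) return nullptr;
    if (reinterpret_cast<std::uintptr_t>(buf) % alignof(T) != 0) return nullptr;
    return ::new (buf) T(src);
}

// True when a buffer of the report's size is rejected and a correctly
// sized, aligned buffer is accepted and holds a copy of the source object.
bool demo() {
    S src = {{1, 2, 3, 4}};
    alignas(S) unsigned char small[sizeof(S *)];  // same size as the report's buf
    alignas(S) unsigned char ok[sizeof(S)];
    S *bad  = construct_at_checked<S>(small, sizeof small, src);
    S *good = construct_in(ok, src);
    return bad == nullptr && good != nullptr && good->a[3] == 4;
}

int main() { return demo() ? 0 : 1; }
```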