This is the mail archive of the gcc@gcc.gnu.org mailing list for the GCC project.
Re: Buffer Overflow Attacks
- To: dewar at gnat dot com, fw at deneb dot enyo dot de
- Subject: Re: Buffer Overflow Attacks
- From: dewar at gnat dot com
- Date: Sun, 14 Oct 2001 15:24:42 -0400 (EDT)
- Cc: carlo at alinoe dot com, fp at fpx dot de, gcc at gcc dot gnu dot org
<<According to the language standard, buffer overflow detection for
character pointer types is possible only for buffers which are not
nested in other objects (in struct or union objects). Overflowing
character buffers has a well-defined effect if the buffer is contained
in an object (and other objects follow the buffer inside this object),
so a C implementation is not free to detect such errors (which is only
possible if the buffer overflow triggers undefined behavior). ;-)
>>
Well there is room for argument on the above analysis (since the standard
does not fully specify how composite types are laid out), but in any case,
it is always just fine to have a switch that requires sensible restrictions
on behavior, regardless of the standard, subsetting is always allowed, and
it is also just fine to compile sensitive code with such a switch and insist
that it conforms to some safe subset.
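
An added example, not part of the original message or of GCC: it contrasts a copy check bounded by the enclosing object with one bounded by the member, the kind of restriction a "safe subset" would insist on. The struct, the function names and the input are constructed for illustration.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Constructed sample type: a character buffer nested in a larger object. */
struct record {
    char name[8];
    int  is_admin;              /* follows the buffer inside the same object */
};

/* Object-level bound: any byte of the enclosing struct counts as in range. */
static int copy_object_bound(struct record *r, const void *src, size_t n)
{
    unsigned char *dst = (unsigned char *)r + offsetof(struct record, name);
    size_t room = sizeof *r - offsetof(struct record, name);
    if (n > room)
        return -1;
    memcpy(dst, src, n);        /* stays inside *r, so this check passes */
    return 0;
}

/* Member-level bound: the restricted subset, only name[] is in range. */
static int copy_member_bound(struct record *r, const void *src, size_t n)
{
    if (n > sizeof r->name)
        return -1;
    memcpy(r->name, src, n);
    return 0;
}

/* Copies a struct-sized run of 'A' bytes; returns 1 if is_admin was altered. */
static int run_case(int use_member_bound, int *rc)
{
    struct record r;
    char input[sizeof r];       /* constructed input, larger than name[] */
    memset(&r, 0, sizeof r);
    memset(input, 'A', sizeof input);
    *rc = use_member_bound ? copy_member_bound(&r, input, sizeof input)
                           : copy_object_bound(&r, input, sizeof input);
    return r.is_admin != 0;
}

int main(void)
{
    int rc, hit = run_case(0, &rc);
    printf("object bound: rc=%d is_admin altered=%d\n", rc, hit);
    hit = run_case(1, &rc);
    printf("member bound: rc=%d is_admin altered=%d\n", rc, hit);
    return 0;
}
```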