[Bug c/85310] optimization ignoring strlen() results

kees at outflux dot net gcc-bugzilla@gcc.gnu.org
Tue Apr 10 02:49:00 GMT 2018


https://gcc.gnu.org/bugzilla/show_bug.cgi?id=85310

Kees Cook <kees at outflux dot net> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|RESOLVED                    |UNCONFIRMED
         Resolution|INVALID                     |---

--- Comment #2 from Kees Cook <kees at outflux dot net> ---
I realize the compiler would like it to be undefined, but it's just not:
this worked before, and there's nothing about a static-sized character array
that says it will be NULL terminated. No optimization of strlen() can make that
assumption, since it's the _contents_ and not the _size_ that determine the
results of strlen().

Specifically, this breaks the Linux kernel's FORTIFY_SOURCE implementation,
which is exactly trying to protect against these kinds of unexpected memory
contents, etc. With the ? : optimized away FORTIFY_SOURCE ends up becoming
actively dangerous.
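
Added example, not part of the bug report and not the kernel's FORTIFY_SOURCE code: a bounds check on a fixed-size character array written with memchr() limited to the array size, so the check stays defined whether or not the contents include a terminator. The helper names `checked_len` and `checked_copy` and the sample buffers are hypothetical and constructed for illustration.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical helper: length of the string held in buf, or -1 when no NUL
 * byte exists within the first `size` bytes. memchr() never reads past
 * `size`, so the result depends on the contents without ever calling
 * strlen() on a possibly unterminated array. */
static long checked_len(const char *buf, size_t size)
{
    const char *nul = memchr(buf, '\0', size);
    return nul ? (long)(nul - buf) : -1;
}

/* Fortify-style copy: reject the source unless it is terminated inside its
 * own bounds and the string plus terminator fits in dst. */
static int checked_copy(char *dst, size_t dst_size,
                        const char *src, size_t src_size)
{
    long n = checked_len(src, src_size);
    if (n < 0 || (size_t)n >= dst_size)
        return -1;
    memcpy(dst, src, (size_t)n + 1);
    return 0;
}

/* Constructed input: every byte of the array is non-NUL. */
static int demo_unterminated(void)
{
    char raw[8], dst[16];
    memset(raw, 'A', sizeof(raw));
    return checked_copy(dst, sizeof(dst), raw, sizeof(raw));
}

/* Constructed input: a properly terminated string in the same-sized array. */
static int demo_terminated(void)
{
    char raw[8] = "kernel", dst[16];
    return checked_copy(dst, sizeof(dst), raw, sizeof(raw));
}

int main(void)
{
    printf("unterminated: %d\n", demo_unterminated());
    printf("terminated:   %d\n", demo_terminated());
    return 0;
}
```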

