operator new[] overflow (PR 19351)

Florian Weimer fw@deneb.enyo.de
Sat Dec 4 13:23:00 GMT 2010


* Joe Buck:

> It's wasted code if the multiply instruction detects the overflow.
> It's true that the cost is small (maybe just one extra instruction
> and the same number of tests, maybe one more on architectures where you
> have to load a large constant), but it is slightly worse code than what
> Chris Lattner showed.

It's possible to improve slightly on the LLVM code by using the
overflow flag (at least on i386/amd64), as explained in this blog
post:

<http://blogs.msdn.com/b/michael_howard/archive/2005/12/06/500629.aspx>

My patch emits a run-time division if a VLA is used in an allocator.
But that's a semi-deprecated GCC extension, so I don't think we need
to care.

> Still, it's certainly an improvement on the current
> situation and the cost is negligible compared to the call to the
> allocator.  Since it's a security issue, some form of the patch should
> go in.

Well, should I resubmit, with the fix for the problem building
size_t(-1)?
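Added example (not Florian's patch, nor GCC's or LLVM's own lowering code): the three ways of sizing `new T[n]` discussed in this thread side by side, in plain C++. The unchecked product wraps, the division check rejects overflow at the cost of a divide, and `__builtin_mul_overflow` (assumed here as the GCC/Clang spelling of the overflow-flag check) lets the size saturate to `size_t(-1)` so `operator new` itself throws `bad_alloc`.

```cpp
#include <cstddef>
#include <limits>
#include <new>

// Constructed sample: an element count chosen so that count * 8 wraps
// to 8 bytes on both 32- and 64-bit size_t.
const std::size_t kWrappingCount = std::numeric_limits<std::size_t>::max() / 8 + 2;

// Unchecked size computation, as a naive lowering of `new T[n]` does it:
// the multiplication silently wraps, so a huge n yields a tiny allocation.
std::size_t array_bytes_unchecked(std::size_t n, std::size_t elem_size) {
    return n * elem_size;
}

// Division-based check (the run-time division the thread mentions):
// overflow iff n > SIZE_MAX / elem_size. Returns false on overflow.
bool array_bytes_div_check(std::size_t n, std::size_t elem_size, std::size_t *out) {
    if (elem_size != 0 && n > std::numeric_limits<std::size_t>::max() / elem_size)
        return false;
    *out = n * elem_size;
    return true;
}

// Overflow-flag check: __builtin_mul_overflow (GCC/Clang extension, assumed
// available) compiles to a multiply plus a test of the overflow flag on
// i386/amd64, so no division is needed. Returns false on overflow.
bool array_bytes_flag_check(std::size_t n, std::size_t elem_size, std::size_t *out) {
    return !__builtin_mul_overflow(n, elem_size, out);
}

// Saturating variant: on overflow, hand operator new the value size_t(-1)
// so the allocator fails with std::bad_alloc instead of returning an
// undersized buffer that the array constructor would then overrun.
std::size_t array_bytes_saturating(std::size_t n, std::size_t elem_size) {
    std::size_t bytes = 0;
    return array_bytes_flag_check(n, elem_size, &bytes) ? bytes : std::size_t(-1);
}

// Performs the allocation with the saturating size; returns true if
// operator new threw bad_alloc (expected for the overflowing count).
bool allocation_rejected(std::size_t n, std::size_t elem_size) {
    try {
        void *p = ::operator new(array_bytes_saturating(n, elem_size));
        ::operator delete(p);
        return false;
    } catch (const std::bad_alloc &) {
        return true;
    }
}
```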
