Overeager Compilers Can Open Security Holes In Your Code
jfruh writes: "Creators of compilers are in an arms race to improve performance. But according to a presentation at this week's annual USENIX conference, those performance boosts can undermine your code's security. For instance, a compiler might find a subroutine that checks a huge bound of memory beyond what's allocated to the program, decide it's an error, and eliminate it from the compiled machine code — even though it's a necessary defense against buffer overflow attacks."
Unstable Code, again (Score:5, Informative)
Bad summary is bad (Score:5, Informative)
Old news (Score:4, Informative)
I know that at least GCC will get rid of overflow checks if they rely on checking the value after overflow (without any warning), because C defines that overflow on signed integers is undefined. This is even documented. If anything is declared by the language specification as being undefined, expect trouble.
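The two idioms mentioned in the story summary and in the comment above, side by side with their defensive forms. This is an added illustration, not code from the commenter or from the USENIX talk; the function names are mine and the buffer sizes are constructed. The "after" variants compute a signed sum or an out-of-object pointer and then test the result, which is undefined behaviour in C, so an optimising compiler is entitled to drop the test; the "before" variants reason about the operands first, so nothing undefined ever happens.

```c
#include <limits.h>
#include <stddef.h>
#include <stdio.h>

/* Pattern the comment describes: the test looks at the value AFTER a
   signed addition. Signed overflow is undefined behaviour, so an
   optimising compiler (GCC -O2, for example) may assume it never
   happens and delete the whole branch without a warning. */
int add_checked_after(int a, int b, int *out)
{
    int sum = a + b;                        /* UB when this overflows */
    if ((b > 0 && sum < a) || (b < 0 && sum > a))
        return -1;                          /* may be optimised away */
    *out = sum;
    return 0;
}

/* Defensive form: decide from the operands BEFORE adding, so no overflow
   occurs and there is nothing undefined for the compiler to exploit. */
int add_checked_before(int a, int b, int *out)
{
    if ((b > 0 && a > INT_MAX - b) || (b < 0 && a < INT_MIN - b))
        return -1;
    *out = a + b;
    return 0;
}

/* Convenience predicate (hypothetical helper name) for callers that only
   want to know whether a + b would overflow. */
int would_overflow_add(int a, int b)
{
    int unused;
    return add_checked_before(a, b, &unused) != 0;
}

/* The same defect in the bounds-check idiom from the story summary:
   forming buf + len beyond the object is itself undefined, so the
   compiler may fold "buf + len < buf" to false. */
int range_ok_after(const char *buf, size_t len, const char *end)
{
    const char *p = buf + len;              /* UB if this leaves the object */
    return !(p < buf) && p <= end;          /* first term may be folded away */
}

/* Compare lengths instead: end - buf is defined because both pointers
   are into the same object, and len is never added to a pointer. */
int range_ok_before(const char *buf, size_t len, const char *end)
{
    return buf <= end && len <= (size_t)(end - buf);
}

/* Constructed self-check: 16 bytes fit in a 16-byte buffer, 17 do not. */
int demo_range(void)
{
    char buf[16];
    const char *end = buf + sizeof buf;     /* one past the end: allowed */
    return range_ok_before(buf, 16, end) == 1 &&
           range_ok_before(buf, 17, end) == 0;
}

int main(void)
{
    int r;
    printf("INT_MAX + 1 overflows: %d\n", would_overflow_add(INT_MAX, 1));
    printf("add 5 + 7 -> %d\n", add_checked_before(5, 7, &r) == 0 ? r : -1);
    printf("range check: %s\n", demo_range() ? "ok" : "broken");
    return 0;
}
```

Compiling the "after" variants with `-O2` and looking at the generated assembly is the quickest way to see the missing branch; `-fwrapv` or `-fsanitize=undefined` makes the defect visible at build or test time, but rewriting the check is the fix that survives every compiler.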
Floating point algorithms too (Score:2, Informative)
Compilers can also "optimize" away the Kahan summation algorithm. See page 6 of How Futile are Mindless Assessments of Roundoff in Floating-Point Computation [berkeley.edu]
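What the comment refers to, as an added example (not the commenter's code and not from the cited paper): naive and compensated summation over a constructed input where the difference is visible. The compensation term `(t - sum) - y` is algebraically zero, which is exactly why a compiler permitted to reassociate floating-point arithmetic (`-ffast-math`, `-Ofast`, or a "fast" FP model) can delete it and quietly turn the routine back into naive summation. The `volatile` qualifiers are the defensive hedge assumed here; they force each intermediate to be materialised so the rewrite cannot happen.

```c
#include <stddef.h>
#include <stdio.h>

/* Constructed input: 1e16 followed by ten 1.0s. The exact total is
   1e16 + 10. Doubles near 1e16 are spaced 2 apart, so plain
   accumulation rounds every single 1.0 away. */
static const double sample[] = {1.0e16, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1};
#define SAMPLE_N (sizeof sample / sizeof sample[0])

double naive_sum(const double *x, size_t n)
{
    double s = 0.0;
    for (size_t i = 0; i < n; i++)
        s += x[i];
    return s;
}

/* Kahan compensated summation. 'c' carries the low-order bits lost in
   the previous step and feeds them back into the next addend. */
double kahan_sum(const double *x, size_t n)
{
    volatile double sum = 0.0, c = 0.0;
    for (size_t i = 0; i < n; i++) {
        volatile double y = x[i] - c;       /* addend corrected by last error */
        volatile double t = sum + y;        /* rounded partial sum */
        c = (t - sum) - y;                  /* what the rounding lost */
        sum = t;
    }
    return sum;
}

double demo_naive(void) { return naive_sum(sample, SAMPLE_N); }
double demo_kahan(void) { return kahan_sum(sample, SAMPLE_N); }

int main(void)
{
    printf("naive: %.1f\n", demo_naive());
    printf("kahan: %.1f\n", demo_kahan());
    return 0;
}
```

Built with default floating-point semantics the two results differ by exactly 10; rebuild with `-ffast-math` and remove the `volatile` qualifiers to watch the compensated version collapse to the naive one.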
Re:Complete nonsense.... (Score:2, Informative)
Except not, so now we have explicit_bzero()
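The problem explicit_bzero() exists to solve, as an added example rather than the commenter's code: a memset() that clears key material just before the buffer goes out of scope is a dead store from the compiler's point of view and may be eliminated, leaving the secret in stack memory. The portable fallback shown here writes through a volatile pointer, which the compiler must treat as an observable side effect; the function names are mine and the key bytes are constructed stand-ins. Where libc provides explicit_bzero() (OpenBSD, glibc 2.25 and later, FreeBSD) or memset_s(), prefer those.

```c
#include <stddef.h>
#include <string.h>

/* Fragile pattern: 'key' dies at function exit and is never read again,
   so dead-store elimination may drop the clearing memset entirely. */
void derive_and_forget_fragile(unsigned char *out, size_t out_len)
{
    unsigned char key[32];
    memset(key, 0x41, sizeof key);          /* stand-in for real key bytes */
    memcpy(out, key, out_len < sizeof key ? out_len : sizeof key);
    memset(key, 0, sizeof key);             /* may be optimised away */
}

/* Portable equivalent of explicit_bzero(): each store goes through a
   volatile pointer, so the compiler has to emit it. */
void secure_zero(void *p, size_t n)
{
    volatile unsigned char *vp = (volatile unsigned char *)p;
    while (n--)
        *vp++ = 0;
}

void derive_and_forget(unsigned char *out, size_t out_len)
{
    unsigned char key[32];
    memset(key, 0x41, sizeof key);
    memcpy(out, key, out_len < sizeof key ? out_len : sizeof key);
    secure_zero(key, sizeof key);           /* survives optimisation */
}

/* Constructed self-check: fill a buffer, clear it, confirm every byte is 0. */
int demo_secure_zero(void)
{
    unsigned char buf[64];
    memset(buf, 0xAA, sizeof buf);
    secure_zero(buf, sizeof buf);
    for (size_t i = 0; i < sizeof buf; i++)
        if (buf[i] != 0)
            return 0;
    return 1;
}
```

Disassembling `derive_and_forget_fragile` at `-O2` typically shows no trace of the second memset, while `secure_zero` is still present in the optimised `derive_and_forget`.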