Overeager Compilers Can Open Security Holes In Your Code

jfruh writes: "Creators of compilers are in an arms race to improve performance. But according to a presentation at this week's annual USENIX conference, those performance boosts can undermine your code's security. For instance, a compiler might find a subroutine that checks a huge bound of memory beyond what's allocated to the program, decide it's an error, and eliminate it from the compiled machine code — even though it's a necessary defense against buffer overflow attacks."

Unsable Code, again

[Anonymous Coward]

This is just as poorly written up as last time [slashdot.org]. These are truly bugs in the programs using undefined parts of the language. It's silly to blame the compiler.

Bad summary is bad

[werepants]

This is not really about the existence of bad compiler optimization - it is about a tool called Stack that can be used to detect this, which is known as "unstable" code, and has been used to find lots of vulnerabilities already.

Old news

[Anonymous Coward]

I know that at least GCC will get rid of overflow checks if they rely on checking the value after overflow (without any warning), because C defines that overflow on signed integers is undefined. This is even documented. If anything is declared by the language specification as being undefined, expect trouble.

Floating point algorithms too

[Anonymous Coward]

Compilers can also "optimize" away Kahan summation algorithm. See page 6 of How Futile are Mindless Assessments of Roundoff in Floating-Point Computation [berkeley.edu]

Re:Complete nonsense....

[Anonymous Coward]

Except not, so now we have explicit_bzero()