Date: Sat, 15 Apr 2017 12:13:28 +0200
From: Andreas Lausch-Waas <andreas@...usch.at>
To: oss-security@...ts.openwall.com
Subject: Re: alloca in inline functions can be dangerous

On 2017-04-10 16:55, Leandro Pereira wrote:
> On Mon, Apr 10, 2017 at 7:36 AM, Jason A. Donenfeld <Jason@...c4.com> wrote:
>> I'm interested if anybody else has encountered this behavior or has any
>> thoughts about it.
> Yes, and I usually mark those functions with __attribute__((noinline))
> to avoid precisely this kind of behavior.
>

This (VLAs in loops or inlines filling the stack) would be a gcc bug:
"Jumping or breaking out of the scope of the array name deallocates the
storage. Jumping into the scope is not allowed; you get an error message
for it." See https://gcc.gnu.org/onlinedocs/gcc/Variable-Length.html

At least GCC 6.3.1 does not call alloca for VLAs.


--
Andreas
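
The scope rule quoted from the GCC manual above, contrasted with alloca() called directly in a loop, as an added example that is not part of the original message. The function names, iteration count and block size are assumptions chosen for illustration.

```c
#include <alloca.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Distance between the lowest and highest block address observed. */
static size_t span(uintptr_t lo, uintptr_t hi) { return (size_t)(hi - lo); }

/* alloca() storage is released only when the enclosing *function* returns,
 * so each loop iteration takes a fresh block and the frame keeps growing. */
size_t alloca_span(size_t iters, size_t size)
{
    uintptr_t lo = UINTPTR_MAX, hi = 0;
    for (size_t i = 0; i < iters; i++) {
        volatile char *p = alloca(size);
        p[0] = (char)i;                 /* touch the block so it is kept */
        uintptr_t a = (uintptr_t)p;
        if (a < lo) lo = a;
        if (a > hi) hi = a;
    }
    return span(lo, hi);
}

/* A VLA is released when its *scope* ends, here at the end of each
 * iteration, so the same stack region can be reused every time round. */
size_t vla_span(size_t iters, size_t size)
{
    uintptr_t lo = UINTPTR_MAX, hi = 0;
    for (size_t i = 0; i < iters; i++) {
        volatile char buf[size];
        buf[0] = (char)i;
        uintptr_t a = (uintptr_t)buf;
        if (a < lo) lo = a;
        if (a > hi) hi = a;
    }
    return span(lo, hi);
}

int main(void)
{
    /* 64 iterations of 256 bytes: constructed sample parameters. */
    printf("alloca address span: %zu bytes\n", alloca_span(64, 256));
    printf("VLA address span:    %zu bytes\n", vla_span(64, 256));
    return 0;
}
```

The alloca span grows with the iteration count, which is the stack-filling behaviour discussed in the thread; the VLA span stays bounded because each block is released before the next is created.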
