LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

PostgreSQL 9.3 beta: Federated databases and more

LWN.net Weekly Edition for May 9, 2013

(Nearly) full tickless operation in 3.10

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

Implications of pure and constant functions

Implications of pure and constant functions

Posted Jun 12, 2008 20:04 UTC (Thu) by mtorni (subscriber, #3618)
Parent article: Implications of pure and constant functions

Are there any security implications of labeling a function pure or constant? Can a malicious user introduce a security bug by checking in a change which changes a function to const? Say ssl_verify_certificate() or sasl_authenticate()? Both are fictitious functions.

(Log in to post comments)

Implications of pure and constant functions

Posted Jun 12, 2008 20:38 UTC (Thu) by quotemstr (subscriber, #45331) [Link] 

The key here is "check in". If somebody can check a change in, he can wreak all sorts of
havoc, much of it even more subtle than function attribute changes.

Besides, using function attributes like this to be a sort of post-benchmarking magic that
undergoes strict code review.

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds