| |||||||||||||
Glibc change exposing bugsGlibc change exposing bugsPosted Nov 17, 2010 14:45 UTC (Wed) by meuh (subscriber, #22042)In reply to: Glibc change exposing bugs by oak Parent article: Glibc change exposing bugs
As I said here https://bugzilla.redhat.com/show_bug.cgi?id=638477#c116
Using -D_FORTIFY_SOURCE enable only check for overflow when source and destination length are known (or can be computed).
_chk() variant of memset(), memcpy(), etc. didn't check for overlap.
And one should know that GCC provides inline versions of such functions, so valgrind won't be able to overload them and provide stronger argument checking.
(Log in to post comments)
Glibc change exposing bugs Posted Nov 17, 2010 19:08 UTC (Wed) by oak (subscriber, #2786) [Link] > And one should know that GCC provides inline versions of such functionsWasn't this article about Glibc memcpy(), not the GCC (libgcc?) one? Anyway, AFAIK GCC does that only if code is compiled with optimizations. Valgrind and -O0 compiled code are speed-wise pretty horrible combination though. Then it might be better to use one of the other memory debugging tools that don't do CPU emulation like Valgrind does... Note that GCC doesn't inline its memcpy() code just for explicit (fixed size) memcpy() calls. Inlined version may also be used for assignments and developers are able to mess up addresses of variables used in thing like this too: struct foobar_t *a = arg1, *b = arg2; ... *a = *b; (I found this issue on implicit GCC memcpy() when my code didn't have correct alignment for one of above kind of pointers on platform that required things to be properly aligned. It triggering a kernel alignment exception handler bug had me scratching my head until more knowledgeable colleague came to rescue... I think with overlapping pointer addresses results may be even more mysterious as they show up later.)
|
|||||||||||||