
Format string vulnerabilities

Format string vulnerabilities

Posted Feb 2, 2012 22:22 UTC (Thu) by khim (subscriber, #9252)
In reply to: Format string vulnerabilities by csd
Parent article: Format string vulnerabilities

How can it be faster? It generates identical code:

$ echo 'void foo() { printf("%s\n", "bar"); }' | gcc -S -O2 -xc - -o- 
	.file	""
	.section	.rodata.str1.1,"aMS",@progbits,1
.LC0:
	.string	"bar"
	.text
	.p2align 4,,15
.globl foo
	.type	foo, @function
foo:
.LFB0:
	.cfi_startproc
	movl	$.LC0, %edi
	jmp	puts
	.cfi_endproc
.LFE0:
	.size	foo, .-foo
	.ident	"GCC: (Ubuntu 4.4.3-4ubuntu5) 4.4.3"
	.section	.note.GNU-stack,"",@progbits



Format string vulnerabilities

Posted Feb 2, 2012 23:16 UTC (Thu) by csd (subscriber, #66784)

I meant that the *implementation* of puts is faster than printf, as puts doesn't have to parse through the first param like printf does. In your example, gcc simply optimized the code into calling puts instead of printf, which it can only do for a very limited number of cases (e.g. with a fixed constant as the 1st param, which is not the case that this article covers). In this very similar example, you can see that the generated code is quite different and will be slower to run:

$ echo 'void foo() { extern char *str; printf(str, "bar"); } ; char * str = "%s\n";' | gcc -S -O2 -xc - -o-
	.file	""
<stdin>: In function ‘foo’:
<stdin>:1: warning: incompatible implicit declaration of built-in function ‘printf’
	.section	.rodata.str1.1,"aMS",@progbits,1
.LC0:
	.string	"bar"
	.text
	.p2align 4,,15
.globl foo
	.type	foo, @function
foo:
.LFB0:
	.cfi_startproc
	movq	str(%rip), %rdi
	movl	$.LC0, %esi
	xorl	%eax, %eax
	jmp	printf
	.cfi_endproc
.LFE0:
	.size	foo, .-foo
.globl str
	.section	.rodata.str1.1
.LC1:
	.string	"%s\n"
	.data
	.align 8
	.type	str, @object
	.size	str, 8
str:
	.quad	.LC1
	.ident	"GCC: (Ubuntu/Linaro 4.4.4-14ubuntu5) 4.4.5"
	.section	.note.GNU-stack,"",@progbits

So I'll restate my original statement to: "... In most cases, it's faster too"
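
Added example, not part of either comment above: the thread turns on printf having to parse its first parameter when that parameter is not a constant, so this C sketch passes the same text once as the format and once as data and compares the results. The function names and the sample string are hypothetical and constructed for illustration; snprintf is used in place of printf so the output can be checked.

```c
#include <stdio.h>
#include <string.h>

/* Constructed sample: ordinary data that happens to contain '%'. */
static const char SAMPLE[] = "load 100%% [ok]";

/* Before: the text is the format, so the printf engine parses it.
 * The sample only uses "%%", which consumes no arguments; any other
 * conversion here would read arguments that were never passed.
 * GCC flags this call under -Wformat-security, silenced for the demo. */
#pragma GCC diagnostic push
#pragma GCC diagnostic ignored "-Wformat-security"
#pragma GCC diagnostic ignored "-Wformat-nonliteral"
int render_as_format(char *out, size_t n, const char *text)
{
    return snprintf(out, n, text);
}
#pragma GCC diagnostic pop

/* After: constant format, the text is only ever data. */
int render_as_data(char *out, size_t n, const char *text)
{
    return snprintf(out, n, "%s", text);
}

/* puts-style path: a bounded byte copy with no format parsing at all. */
int render_with_copy(char *out, size_t n, const char *text)
{
    size_t len = strlen(text);
    if (n == 0)
        return -1;
    if (len >= n)
        len = n - 1;            /* truncate rather than overflow */
    memcpy(out, text, len);
    out[len] = '\0';
    return (int)len;
}

int main(void)
{
    char buf[64];
    render_as_format(buf, sizeof buf, SAMPLE);
    printf("as format: %s\n", buf);   /* the "%%" was interpreted */
    render_as_data(buf, sizeof buf, SAMPLE);
    printf("as data:   %s\n", buf);   /* bytes unchanged */
    render_with_copy(buf, sizeof buf, SAMPLE);
    printf("copied:    %s\n", buf);   /* bytes unchanged */
    return 0;
}
```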

