[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: C++

From: olafBuddenhagen
Subject: Re: C++
Date: Tue, 27 Oct 2009 08:29:08 +0100
User-agent: Mutt/1.5.19 (2009-01-05)


On Thu, Sep 24, 2009 at 01:28:18PM -0600, Andrew Waidler wrote:

> Another point is that compilers sometimes  over-optimize to the point
> of causing security bugs, which I think this  was the recent example
> in Linux; http://lwn.net/Articles/341773/

The compiler didn't actually cause a security bug. What it did was
optimize code that was already a security bug in itself, in a way that
would be perfectly safe in a normal situation; but in combination with
one or two other kernel bugs that broke gcc's assumptions, it was
elevated from "merely" a DoS to a code injection.

This was an extremely specific situation; concluding that compilers are
generally dangerous would be ridiculous.


reply via email to

[Prev in Thread] Current Thread [Next in Thread]