Re: [Tinycc-devel] tricky little bounds-checking bug

From: grischka
Subject: Re: [Tinycc-devel] tricky little bounds-checking bug
Date: Thu, 07 Apr 2011 16:05:53 +0200
grischka wrote:
> Before you invest too much time however note that Fabrice once said
> that there is some flaw in the implementation of the bounds checker
> with (as I understood it) possible impact on reliability of detection.
> I don't know what exactly he meant though.

FYI, this was Fabrice's original message (from 2007/11):

"Another point is that I realized that the bound check region algorithm
used in TCC is completely broken (the code to search the region associated
to a pointer does not work in all cases). I think the only way to make it
work reliably is to tag each allocated byte with one bit."
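As an added illustration (not TCC's bounds checker and not code from the thread) of the one-bit-per-byte tagging Fabrice describes: a constructed fixed arena with a shadow bitmap, a bump allocator that sets the tags, and a check that tests each byte's bit directly instead of searching for a region. The untagged guard byte between objects is my own assumption, added so an overrun into a neighbouring live object is not masked by that neighbour's tags.

```c
#include <stdint.h>
#include <stdio.h>

/* Constructed arena: every byte has one shadow bit, 1 = currently allocated. */
#define ARENA_SIZE 4096
static unsigned char arena[ARENA_SIZE];
static unsigned char shadow[ARENA_SIZE / 8];
static size_t arena_top;

static void tag_range(size_t off, size_t n, int on)
{
    for (size_t i = off; i < off + n; i++) {
        unsigned char bit = (unsigned char)(1u << (i % 8));
        if (on) shadow[i / 8] |= bit; else shadow[i / 8] &= (unsigned char)~bit;
    }
}
/* Bump allocator: tags exactly n bytes, then leaves one untagged guard byte
   (my addition) so an overrun into the next object is caught as well. */
void *bc_malloc(size_t n)
{
    if (n == 0 || arena_top + n + 1 > ARENA_SIZE) return NULL;
    void *p = arena + arena_top;
    tag_range(arena_top, n, 1);
    arena_top += n + 1;
    return p;
}
/* Clearing the tags makes a later use-after-free access fail bc_check(). */
void bc_free(void *p, size_t n)
{
    tag_range((size_t)((unsigned char *)p - arena), n, 0);
}
/* 1 if every byte of [p, p+n) lies in the arena and is tagged allocated, else 0.
   No region search is needed: each byte's validity is one bit lookup. */
int bc_check(const void *p, size_t n)
{
    uintptr_t lo = (uintptr_t)arena, q = (uintptr_t)p;
    if (q < lo || q + n > lo + ARENA_SIZE) return 0;
    for (size_t i = q - lo; i < q - lo + n; i++)
        if (!(shadow[i / 8] & (1u << (i % 8)))) return 0;
    return 1;
}
int main(void)
{
    char *a = bc_malloc(10), *b = bc_malloc(5);
    printf("a[0..9] ok=%d  a[10] ok=%d  b ok=%d\n",
           bc_check(a, 10), bc_check(a + 10, 1), bc_check(b, 5));
    bc_free(a, 10);
    printf("after free, a[0] ok=%d\n", bc_check(a, 1));
    return 0;
}
```

A one-bit tag says only whether a byte is live, not which object it belongs to, which is why the guard byte is needed to notice an overrun between two adjacent live objects.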

