Age | Commit message | Author |
|
http://gcc.gnu.org/ml/gcc-bugs/1999-08n/msg00621.html
and described in the related thread.
This particular problem used to not be triggered (or not often), but the
use of propolice affects the instruction flow, and started triggering it
more often, for example in Qt's qmenubar class.
Ironically, running with /etc/malloc.conf->AJ would neuter the bug in this
case...
Problem tracked by espie@ and etoh@, tested by various, ok deraadt@
|
|
deraadt@ ok
|
|
length passed to common functions such as strlcpy/strlcat match the
real length of the buffer. It also checks to make sure that the bound
length was not incorrectly derived from a sizeof(pointer) operation.
Functions must be marked with the new attribute __bounded__, and warnings
are turned on by -Wbounded. Specifying -Wformat also enables bounds
checking for scanf(3) bounds to '%s' format variables. -Wall now turns
on -Wbounded also.
The checking is pretty limited right now to constant parameters, and the
buffers must be statically declared, and not inside a record type. This
simple checking still found hundreds of bugs around the ports tree though,
and there have been no false positive warnings.
10x to niklas@, Richard Sharp and David Scott {rich,dave}@recoil.org for
compiler advice. deraadt@ ok, miod@ tested on his collection of hardware
You need to recompile gcc now if source upgrading in -current before
doing a make world.
|
|
Exact copy of the snapshot, except for the removal of
texinfo/
gcc/ch/
libchill/
|