From RISKS: secret scrubbing code removed by optimizers
Ben Lindstrom
mouring at etoh.eviladmin.org
Sat Nov 9 00:55:25 EST 2002
On Fri, 8 Nov 2002, Darren Tucker wrote:
> Dan Kaminsky wrote:
> > Has somebody actually verified this optimizing behavior in any build
> > of GCC? Does volatile actually stop it?
>
> Yes (gcc-3.2 on a SPARC). Yes.
>
Does setting -fno-builtin-memset at compile time stop gcc from
miscompiling?
- Ben
> -Daz.
>
> Test function:
> void myfunc1()
> {
>     char p[100];
>
>     scanf("%s\n", &p);
>     memset(p, 0, 100);
> }
>
> gcc -s testfunc.c gives:
> myfunc1:
> !#PROLOGUE# 0
> save %sp, -216, %sp
> !#PROLOGUE# 1
> add %fp, -120, %o1
> sethi %hi(.LLC0), %o0
> or %o0, %lo(.LLC0), %o0
> call scanf, 0
> nop
> add %fp, -120, %o0
> mov 0, %o1
> mov 100, %o2
> call memset, 0
> nop
> nop
> ret
> restore
>
> gcc -s -O3 testfunc.c
> myfunc1:
> !#PROLOGUE# 0
> save %sp, -216, %sp
> !#PROLOGUE# 1
> sethi %hi(.LLC0), %g1
> or %g1, %lo(.LLC0), %o0
> call scanf, 0
> add %fp, -120, %o1
> nop
> ret
> restore
>
> Add "volatile" and inlines and unrolls memset:
> myfunc1:
> !#PROLOGUE# 0
> save %sp, -216, %sp
> !#PROLOGUE# 1
> sethi %hi(.LLC0), %g1
> or %g1, %lo(.LLC0), %o0
> call scanf, 0
> add %fp, -120, %o1
> mov 0, %o2
> mov 0, %o3
> std %o2, [%fp-120]
> std %o2, [%fp-112]
> std %o2, [%fp-104]
> std %o2, [%fp-96]
> std %o2, [%fp-88]
> std %o2, [%fp-80]
> std %o2, [%fp-72]
> std %o2, [%fp-64]
> std %o2, [%fp-56]
> std %o2, [%fp-48]
> std %o2, [%fp-40]
> std %o2, [%fp-32]
> st %g0, [%fp-24]
> nop
> ret
> restore
>
> --
> Darren Tucker (dtucker at zip.com.au)
> GPG Fingerprint D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69
> Good judgement comes with experience. Unfortunately, the experience
> usually comes from bad judgement.
> _______________________________________________
> openssh-unix-dev at mindrot.org mailing list
> http://www.mindrot.org/mailman/listinfo/openssh-unix-dev
>
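Added example, not code from the thread or from OpenSSH: two common ways to write a scrub that dead-store elimination should not remove, applied to a function shaped like myfunc1 above. The names scrub_volatile, scrub_via_ptr, memset_ptr, use_secret and count_nonzero are hypothetical, and the code assumes a compiler (GCC and Clang behave this way) that treats every access through a volatile-qualified lvalue as a side effect.

```c
/* Added example; all names here are hypothetical. */
#include <stdio.h>
#include <string.h>

/* Store zeros through a volatile-qualified pointer: each store is treated
 * as a side effect, so the optimizer keeps it (the "volatile" case above). */
void scrub_volatile(void *buf, size_t len)
{
    volatile unsigned char *p = buf;
    while (len--)
        *p++ = 0;
}

/* Call memset through a volatile function pointer: the pointer is loaded at
 * run time, so the call cannot be treated as the builtin and proven dead. */
static void *(*const volatile memset_ptr)(void *, int, size_t) = memset;

void scrub_via_ptr(void *buf, size_t len)
{
    memset_ptr(buf, 0, len);
}

/* Same shape as myfunc1: a stack buffer holds a secret and is scrubbed just
 * before it goes out of scope. Returns a byte sum so the buffer is used. */
unsigned use_secret(const char *secret)
{
    char p[100];
    unsigned sum = 0;
    size_t i, n = strlen(secret);

    if (n >= sizeof p)            /* bounded copy, unlike scanf("%s") */
        n = sizeof p - 1;
    memcpy(p, secret, n);
    p[n] = '\0';
    for (i = 0; i < n; i++)
        sum += (unsigned char)p[i];
    scrub_volatile(p, sizeof p);  /* a plain memset() here is the dead store */
    return sum;
}

/* Checking helper: number of non-zero bytes left in buf. */
size_t count_nonzero(const void *buf, size_t len)
{
    const unsigned char *b = buf;
    size_t i, c = 0;
    for (i = 0; i < len; i++)
        c += (b[i] != 0);
    return c;
}

int main(void) { printf("%u\n", use_secret("abc")); return 0; }
```

Compiling this with `gcc -S -O3` and reading the output for use_secret shows whether the zeroing stores survive on a given compiler and target.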