[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH 10/16] libelf: check all pointer accesses

George Dunlap writes ("Re: [Xen-devel] [PATCH 10/16] libelf: check all pointer 
> On Thu, Jun 6, 2013 at 3:51 PM, Ian Jackson <Ian.Jackson@xxxxxxxxxxxxx> wrote:
> > Making the change you propose would raise questions about whether (eg)
> > some other code somewhere might think dest_base==0 means something
> > special.  (I don't think it does, but it's an argument against
> > changing things.)
> Yes, of course there is a problem; what I was suggesting was,
> supposing there were such a problem, which would be most likely to
> show it up in a helpful way -- setting dest_base to 0, or leaving it
> to what is (at the moment) a valid address?

Setting it to 0 would be semantically wrong for that other code.
Leaving it as a non-0 value would be right.  All the places where it's
used have been changed to check the dest_size too.

> We could also, I suppose, do "dest_base+=dest_size" before setting
> dest_size to 0.  Then dest_base in theory shouldn't be a valid address
> either.

That would be Undefined Behaviour.  If we did that the compiler might
be "entitled" to "prove" false things about our code, and compile it.


Xen-devel mailing list



Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.