[llvm-commits] [llvm] r157261 - in /llvm/trunk: include/llvm/InitializePasses.h include/llvm/LinkAllPasses.h include/llvm/Transforms/Scalar.h include/llvm/Transforms/Utils/Local.h lib/Transforms/InstCombine/InstCombine.h lib/Transforms/InstCombin

Duncan Sands baldrick at free.fr
Wed May 23 12:48:12 PDT 2012


>> Of course, with this approach we will miss some bugs, namely those
>> that incur undefined behavior that is exploited by the compiler.
>> But as far as security is concerned, this is fine.

This is fine???????!!!!!!  Isn't undefined behaviour due to (e.g.) integer
arithmetic overflow one of the major causes of buffer overflow?!

> That isn't how undef works... it's possible (but probably rare) we'll
> eliminate the bounds check, but not the load.

Yeah.  In my opinion if you are going to do bounds checking it should try
hard to be robust in the face of uninitialized variables (undef) and things
like signed integer overflow (trap value).

Ciao, Duncan.
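
An added illustration of the robustness point raised in this message, not part of the original e-mail and not LLVM's bounds-checking code: a range check that forms `off + len` can be defeated by signed overflow, while one that never forms the sum cannot. All function names are hypothetical, the buffer is constructed sample data, and a 32-bit two's-complement `int` is assumed.

```c
#include <limits.h>
#include <stdio.h>
#include <string.h>

/* Value of off + len after two's-complement wraparound, computed in
   unsigned arithmetic so this helper itself has no undefined behaviour. */
static int wrapped_sum(int off, int len) {
    unsigned u = (unsigned)off + (unsigned)len;
    return u <= (unsigned)INT_MAX ? (int)u : -(int)(UINT_MAX - u) - 1;
}

/* Fragile: models `off + len <= size` on hardware where the sum wraps.
   Written directly, that expression is undefined on overflow. */
static int range_ok_fragile(int off, int len, int size) {
    return off >= 0 && len >= 0 && wrapped_sum(off, len) <= size;
}

/* Robust: never forms off + len, so no input can overflow.
   size - off is safe because 0 <= off <= size is already established. */
static int range_ok(int off, int len, int size) {
    return size >= 0 && off >= 0 && len >= 0 &&
           off <= size && len <= size - off;
}

/* Copy len bytes from buf[off..] into out only when the range is in bounds.
   Returns 0 on success, -1 when the request is rejected. */
static int checked_read(const unsigned char *buf, int size,
                        int off, int len, unsigned char *out) {
    if (!range_ok(off, len, size))
        return -1;
    memcpy(out, buf + off, (size_t)len);
    return 0;
}

int main(void) {
    unsigned char buf[16], out[16];   /* constructed sample buffer */
    for (int i = 0; i < 16; i++) buf[i] = (unsigned char)i;
    printf("fragile accepts off=INT_MAX,len=1: %d\n",
           range_ok_fragile(INT_MAX, 1, 16));
    printf("robust  accepts off=INT_MAX,len=1: %d\n",
           range_ok(INT_MAX, 1, 16));
    printf("checked_read(off=14,len=2): %d\n",
           checked_read(buf, 16, 14, 2, out));
    printf("checked_read(off=INT_MAX,len=1): %d\n",
           checked_read(buf, 16, INT_MAX, 1, out));
    return 0;
}
```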


