Software Assurance Reference Dataset
Iain Buclaw via Digitalmars-d
digitalmars-d at puremagic.com
Mon Jul 14 13:33:51 PDT 2014
On 14 July 2014 11:07, via Digitalmars-d <digitalmars-d at puremagic.com> wrote:
> On Sunday, 13 July 2014 at 23:35:46 UTC, Walter Bright wrote:
>>
>> On 7/13/2014 4:04 AM, "Marc Schütz" <schuetzm at gmx.net> wrote:
>>>
>>> On Sunday, 13 July 2014 at 03:25:08 UTC, Walter Bright wrote:
>>>>
>>>> On 7/11/2014 10:28 AM, deadalnix wrote:
>>>>>
>>>>> The compiler can ensure that you hit at least every 4k or so.
>>>>
>>>>
>>>> And it already does.
>>>
>>>
>>> Doesn't look so:
>>>
>>> int bar(int a) {
>>>     int[8000] b = void;
>>>     b[$-1] = a;
>>>     return b[$-1];
>>> }
>>
>>
>> On Win32:
>>
>> _D4foo53barFiZi comdat
>> assume CS:_D4foo53barFiZi
>> push EBP
>> mov EBP,ESP
>> mov EDX,7
>> L8: sub ESP,01000h
>> test [ESP],ESP
>> dec EDX
>> jne L8
>> sub ESP,0D04h
>> lea ECX,-8[EBP]
>> mov [ECX],EAX
>> mov EAX,-8[EBP]
>> leave
>> ret
>>
>> It doesn't do it on Linux because gcc doesn't do it. But the capability is
>> in the back end, and it does it for alloca(), too.
>
>
> Hmm... but this is using DMD, not GDC. Or do you mean that DMD doesn't do it,
> because GCC doesn't do it either? If so, what is the reason for this? Why
> shouldn't this feature be enabled on every platform?

For GDC, there is -fstack-protector (which is turned on by default in
distributed binaries from Ubuntu). However, IIRC only functions that
use alloca or have static arrays of type char are actually checked.
Declaring an int[100] doesn't invoke alloca, so you won't see it.

The bounds checking in D alone is enough to catch most common
overflowing stack bugs.

Regards
Iain
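The probe sequence in the quoted Win32 listing, modelled as an added example that is not part of the original thread or of DMD's source: it splits the 0x7D04-byte frame into the same 7 page-sized steps plus a 0xD04 tail and checks that a probed entry always lands in the guard page, while an unprobed one can step over it. The names (`plan_probes`, `enter_frame`, `probed_never_skips`), the single 4 KiB guard page, and the body touching the deepest byte first are assumptions of the model.

```c
#include <stdio.h>

#define PAGE 0x1000u /* probe stride in the listing: sub ESP,01000h */

/* Frame split as in the listing: `loops` page-sized steps, each followed by
   a touch (test [ESP],ESP), then one final adjustment smaller than a page. */
struct probe_plan { unsigned loops, tail; };

struct probe_plan plan_probes(unsigned frame) {
    struct probe_plan p = { frame / PAGE, frame % PAGE };
    return p;
}

enum outcome { FITS, GUARD_HIT, GUARD_SKIPPED };

/* Model (assumption): `room` bytes of usable stack lie below the stack
   pointer, then one guard page, then memory that is not stack at all. */
static enum outcome classify(unsigned depth, unsigned room) {
    if (depth <= room) return FITS;
    return depth <= room + PAGE ? GUARD_HIT : GUARD_SKIPPED;
}

/* First event that is not FITS when a function with `frame` bytes of locals
   is entered. Assumption: the body's first access is the deepest byte. */
enum outcome enter_frame(unsigned frame, unsigned room, int probed) {
    if (probed) {
        struct probe_plan p = plan_probes(frame);
        for (unsigned k = 1; k <= p.loops; k++) {
            enum outcome o = classify(k * PAGE, room);
            if (o != FITS) return o;
        }
    }
    return classify(frame, room);
}

/* Invariant: with probing, no amount of remaining stack lets the frame
   step over the guard page. Returns 1 if it holds for every `room`. */
int probed_never_skips(unsigned frame) {
    for (unsigned room = 0; room <= frame + PAGE; room++)
        if (enter_frame(frame, room, 1) == GUARD_SKIPPED) return 0;
    return 1;
}

int main(void) {
    struct probe_plan p = plan_probes(0x7D04); /* 7 loops + sub ESP,0D04h */
    printf("loops=%u tail=0x%X\n", p.loops, p.tail);
    printf("probed=%d unprobed=%d\n", enter_frame(0x7D04, 0x2000, 1),
           enter_frame(0x7D04, 0x2000, 0));
    return 0;
}
```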