[gnutls-devel] libtasn1 | Fix handling of code which uses NULL pointers + offset (fixes issue #30) (!71)

Read-only notification of GnuTLS library development activities gnutls-devel at lists.gnutls.org
Wed Feb 3 07:27:13 CET 2021




Stefan Weil commented:


Code constructs like (NULL + offset) are undefined, so clang may handle that as NULL and ignore the offset. This can also be a security feature to avoid illegal memory access. Try this test program with `-O2`:

    #include <stdio.h>
    
    static void f(int offset, const void *p) {
      if (p != NULL) {
        printf("NULL+%d => %p\n", offset, p + offset);
      } else {
        printf("NULL+%d => NULL\n", offset);
      }
    }
    
    int main(int argc, char *argv[]) {
      void *p = NULL;
      f(argc, p);
      return 0;
    }

-- 
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/libtasn1/-/merge_requests/71#note_500125146
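
The guarded form of the pattern discussed in this comment, as an added example that is not part of the original message and not libtasn1 code: the pointer is tested before any offset is added, so the expression (NULL + offset) is never evaluated. The helper names `checked_advance` and `count_records`, the two-byte tag/length record layout, and the sample bytes are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdio.h>

/* Constructed sample: two records (tag, length, value): "AB" and empty. */
static const unsigned char sample[] = { 0x04, 0x02, 'A', 'B', 0x05, 0x00 };

/* Return a pointer `offset` bytes into `base`, or NULL when `base` is NULL
 * or the offset lies outside the `len`-byte buffer. The addition is only
 * evaluated after both checks pass, so it is never (NULL + offset). */
static const unsigned char *
checked_advance(const unsigned char *base, size_t len, size_t offset)
{
  if (base == NULL || offset > len)
    return NULL;
  return base + offset;
}

/* Count the records in a buffer of (tag byte, length byte, value bytes).
 * Returns 0 for an absent (NULL, 0) buffer and -1 on malformed input. */
static int
count_records(const unsigned char *buf, size_t len)
{
  size_t pos = 0;
  int n = 0;

  if (buf == NULL)
    return len == 0 ? 0 : -1;   /* NULL with a non-zero length is an error */

  while (pos < len) {
    const unsigned char *rec = checked_advance(buf, len, pos);
    if (rec == NULL || len - pos < 2)
      return -1;                /* header does not fit */
    size_t vlen = rec[1];
    if (vlen > len - pos - 2)
      return -1;                /* value runs past the end of the buffer */
    pos += 2 + vlen;            /* track an index, not a derived pointer */
    n++;
  }
  return n;
}

int main(void)
{
  printf("%d %d %d\n", count_records(sample, sizeof sample),
         count_records(NULL, 0), count_records(sample, 3));
  return 0;
}
```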