Re: [PATCH] C undefined behavior fix

From: Joe Buck (jbuck@synopsys.COM)
Date: Wed Jan 02 2002 - 18:59:25 EST

Robert Dewar writes:

> The concept of "all reasonable compiler implementations" is a very dubious
> one. There is nothing to stop a valid C compiler from building assertions
> based on the quoted paragraph from the C standard, e.g. it could derive
> valid range information from knowing that an offset was constrained to
> certain limits. So writing bogus C like this is risky, and as compilers
> get more sophisticated, one is likely to hear screams, but they are not
> justified in my opinion. There is no excuse for such abuse.

There is already such a project under development: see

This is a modification to gcc that implements pointers as triples.
While there is a performance penalty for doing this, it can completely
eliminate the problem of exploitable buffer overflows. However, programs
that violate the rules of ISO C by generating out-of-range pointers will

To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to
More majordomo info at
Please read the FAQ at

This archive was generated by hypermail 2b29 : Mon Jan 07 2002 - 21:00:19 EST