CVE-2019-6208 (Jann Horn of Google Project Zero) may be described in the pictures. I didn't find this by binary diff, I found this by bug collision :-( :-( :-(
Oh, then that's my mistake. This uninitialized stack memory bug was fixed in 10.14.3, and the only CVE describing a kernel memory leak is your CVE, which is why I thought my bug conflicted with yours.
I don't know the accurate answer. Maybe some do that (e.g. -finit-local-zero under some gcc) while others don't. On the other side, the C standard says a local variable has an uninitialized value; you should zero it yourself.
Clang's implementation is intended to be production quality along with having useful features for debugging (not just zero bytes for hardening), but they don't want it to be a way to get well-defined semantics for uninitialized variables as a new language dialect. It's still a bug.
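The two replies above (the "zero it yourself" point and the Clang auto-init discussion) are illustrated by the following added example, which is not code from the thread or from any of the projects mentioned. It shows the leaky pattern behind a typical kernel uninitialized-stack infoleak, a partially initialized struct copied out wholesale, beside the hardened form, and a check that inspects the padding bytes. The type and function names (resp_t, fill_leaky, fill_safe, poison_stack, count_nonzero_padding) are made up for the example; the memcpy stands in for copy_to_user().

```c
/* Added example, not from the thread. Demonstrates why member-wise init of
 * a stack struct is not enough when the whole object is copied out, and the
 * memset-first form that closes the hole. All names here are hypothetical. */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Mirrors an ioctl/syscall reply struct: a 1-byte field followed by a
 * 4-byte-aligned field leaves padding the compiler never has to write. */
typedef struct {
    uint8_t  kind;
    /* padding bytes live here on the usual ABIs */
    uint32_t value;
} resp_t;

/* Leave a recognisable byte pattern in the stack region the next callee will
 * reuse, so a leak is visible. `volatile` keeps the stores from being elided.
 * (Whether the pattern survives into fill_leaky's frame is up to the compiler;
 * that is exactly the point: the content is unspecified, not reliably zero.) */
void poison_stack(void) {
    volatile uint8_t junk[256];
    for (size_t i = 0; i < sizeof junk; i++) junk[i] = 0xAA;
}

/* Leaky pattern: fields are assigned one by one, then the whole object,
 * padding included, is copied to the caller. In a kernel the memcpy is
 * copy_to_user(), and the padding carries whatever the stack held before. */
void fill_leaky(uint8_t out[sizeof(resp_t)]) {
    resp_t r;
    r.kind  = 1;
    r.value = 0x11223344u;
    memcpy(out, &r, sizeof r);
}

/* Hardened pattern: clear the whole object before touching any field.
 * `resp_t r = {0};` is not a substitute: the C standard does not require an
 * initializer to zero padding bytes, memset does. */
void fill_safe(uint8_t out[sizeof(resp_t)]) {
    resp_t r;
    memset(&r, 0, sizeof r);
    r.kind  = 1;
    r.value = 0x11223344u;
    memcpy(out, &r, sizeof r);
}

/* Count non-zero bytes in the copied-out image that no field covers, i.e.
 * padding. offsetof keeps this independent of the actual layout. */
int count_nonzero_padding(const uint8_t *img) {
    int n = 0;
    for (size_t i = 0; i < sizeof(resp_t); i++) {
        int in_kind  = i >= offsetof(resp_t, kind) &&
                       i <  offsetof(resp_t, kind) + sizeof(uint8_t);
        int in_value = i >= offsetof(resp_t, value) &&
                       i <  offsetof(resp_t, value) + sizeof(uint32_t);
        if (!in_kind && !in_value && img[i] != 0) n++;
    }
    return n;
}

/* The check a reviewer wants: the hardened form leaks nothing through padding
 * and still delivers the intended field values. Returns 1 on success. */
int safe_image_is_clean(void) {
    uint8_t img[sizeof(resp_t)];
    uint32_t v;
    poison_stack();
    fill_safe(img);
    memcpy(&v, img + offsetof(resp_t, value), sizeof v);
    return count_nonzero_padding(img) == 0 &&
           img[offsetof(resp_t, kind)] == 1 &&
           v == 0x11223344u;
}

/* Number of padding bytes the leaky form exposes; unspecified by the language,
 * so it is reported rather than asserted on. */
int leaky_padding_bytes(void) {
    uint8_t img[sizeof(resp_t)];
    poison_stack();
    fill_leaky(img);
    return count_nonzero_padding(img);
}

int main(void) {
    printf("sizeof(resp_t) = %zu, padding bytes = %zu\n",
           sizeof(resp_t), sizeof(resp_t) - sizeof(uint8_t) - sizeof(uint32_t));
    printf("leaky form: %d non-zero padding byte(s) copied out\n", leaky_padding_bytes());
    printf("safe form clean: %s\n", safe_image_is_clean() ? "yes" : "no");
    return 0;
}
```

Build it at -O0 to see the 0xAA poison come back through fill_leaky on most toolchains; at higher optimization levels the frame may be laid out differently and the count can vary, which is the unspecified behaviour the thread is arguing about. Clang's `-ftrivial-auto-var-init=pattern` (or `=zero`) is the compiler-side mitigation discussed above: it fills automatic variables at function entry so a missing memset no longer exposes prior stack contents, while the pattern mode keeps such reads visible during debugging rather than silently making them well-defined.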
Since if it were defined as zeroing, it wouldn't be possible to detect uninitialized variable usage. The better solution to the problem is outright preventing uninitialized variable usage, like Rust, without having any default, just forcing initialization before use based on control flow.