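    #include <stdint.h>
    #include <stdio.h>

    int main(void)
    {
        int a[20], b[20], *p = a, i;
        /* Only proceed if b happens to sit directly after a in memory. */
        if ((uintptr_t)(a + 20) == (uintptr_t)b) {
            b[5] = 1;
            /* Walk p, derived from a, across all 40 ints of a and b. */
            for (i = 0; i < 40; i++)
                *p++ = 0;
            printf("%d\n", b[5]);
        }
        return 0;
    }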
@CopperheadSec @ch3root I don't see that language anywhere in the spec. Certainly cast to uintptr_t and back should be able to bypass.
@CopperheadSec @ch3root If the values as uintptr_t are equal, casting back should yield a pointer which could access either object.
@RichFelker @CopperheadSec This is wrong in practice. gcc tracks pointer's origin through casts to integers (and even floats).
@ch3root @RichFelker Yes, it's difficult to interpret the standard. But it's objectively true that GCC and LLVM do it this way.
@CopperheadSec @ch3root Do you have an example to demonstrate the behavior I claim is a bug?
@RichFelker @CopperheadSec Sure. It's too big for a tweet. Sent by email.
@ch3root @CopperheadSec Thanks. I think this should be a bug report.
@RichFelker @CopperheadSec Wait, you said that equality doesn't imply interchangeability. What's the problem then? :-)
@ch3root @CopperheadSec For integers it does. The requirements of an implementation-defined conversion and faithfulness for uintptr_t...
End of conversation
New conversation
@RichFelker @ch3root Still seems like it's undefined unless the uintptr_t was cast from a pointer to the object that's being accessed.
@CopperheadSec @ch3root Integers don't have "memory" of where they came from. Imagine printf, user types it back, scanf.
@RichFelker @ch3root That's undefined under the interpretation of the C standard used by GCC and LLVM.
@CopperheadSec @ch3root If so their models are inconsistent with the standard.
@RichFelker @ch3root This interpretation is based on rules involving things like aliasing rather than integer -> pointer casts themselves.
@CopperheadSec @ch3root It's still wrong. printf 2 equal-as-uintptr_t ptrs. User types one back in. Which object is it allowed to access?
@RichFelker @CopperheadSec Yes, this is one to strip history. Another one is pass it through a volatile variable.
@RichFelker @CopperheadSec If a compiler cannot "see" history it has to be cautious. The problem is when it can see it.
End of conversation