"the compiler [...] re-ordered the code such that the unsafe memory access takes place before the condition is checked" #BadCompiler https://twitter.com/j00ru/status/836227114055643136 …
-
-
It knows st != STATUS_SUCCESS if lpInput == NULL, so on all other paths lpInput != NULL. I'll ask VC team to confirm :)
-
Sure, but != NULL doesn't mean "valid user-mode". Does it know that if lpInput is in the kernel, then !NT_SUCCESS(st)?
-
If no, I guess it could potentially allow reading invalid r0 ptrs (=>DoS even with try/except), with the right construct
-
Compiler doesn't know about UM/KM semantics, just knows lpInput is valid. Probe rules guarantee st != SUCCESS if it fails.
-
Agreed, that's what I thought (i.e. compiler followed C++ model). I guess j00ru was asking whether VC knew about UM/KM.
-
I was asking if it understands how probe+exception handling works together, since it's non-trivial.
-
If it does, which may be the case, then it's all good. :-)