Mailinglist Archive: opensuse-bugs (19837 mails)

< Previous Next >
[Bug 359490] memtest reports memory failure but RAM is O.K.
  • From: bugzilla_noreply@xxxxxxxxxx
  • Date: Thu, 1 May 2008 21:13:40 -0600 (MDT)
  • Message-id: <20080502031340.B260CCC6D4@xxxxxxxxxxxxxxxxxxxxxx>
https://bugzilla.novell.com/show_bug.cgi?id=359490

User kernel01@xxxxxxxxxxxxxx added comment
https://bugzilla.novell.com/show_bug.cgi?id=359490#c25





--- Comment #25 from Carl-Daniel Hailfinger <kernel01@xxxxxxxxxxxxxx>
2008-05-01 21:13:40 MST ---
This is US-CERT Vulnerability Note VU#162289: C compilers may silently discard
some wraparound checks.

More info here:
http://lwn.net/Articles/278137/
http://www.kb.cert.org/vuls/id/162289

Basically, it turned out that a long-time recommended C secure programming
practice depended on undefined behaviour and nobody figured this out for years.
Now that compilers optimize away undefined code all those wraparound checks
explode.

Most of the proposed fixes to existing code so far have been ugly (casting
pointers to unsigned long) or advocate changing the code structure (calling an
extra function to check for wraparound).


--
Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.

< Previous Next >