Re: A Famous Security Bug

Liste des GroupesRevenir à cl c 
Sujet : Re: A Famous Security Bug
De : jameskuyper (at) *nospam* alumni.caltech.edu (James Kuyper)
Groupes : comp.lang.c
Date : 22. Mar 2024, 18:38:13
Autres entêtes
Organisation : A noiseless patient Spider
Message-ID : <utkfm6$311sb$4@dont-email.me>
References : 1 2 3 4 5 6 7 8
User-Agent : Mozilla Thunderbird
On 3/22/24 13:20, Kaz Kylheku wrote:
On 2024-03-22, Keith Thompson <Keith.S.Thompson+u@gmail.com> wrote:
...
Are you claiming that a function call is observable behavior?
>
Yes. It is the observable behavior of an unlinked translation unit.

In the context of the C standard, "observable behavior" is a term with a
precisely specified meaning which is NOT "behavior which can be
observed". That definition does not cover function calls, not even those
with external linkage. What the standard says about what optimizations
are permitted is in terms of "observable behavior", NOT "behavior which
can be observed".

Are you saying that the "call" instruction generated for the function
call is *observable behavior*?
>
Of course; it can be observed externally, without doing any reverse
engineering on the translated unit.

And the C standard imposes no requirement that such behavior occur as
described by the abstract semantics. Only actual observable behavior, as
that term is defined by the C standard, must occur as if those semantics
were followed - whether or not they actually were.

...
If an implementation doesn't generate
that "call" instruction because it's able to determine at link time that
the call does nothing, that optimization is forbidden?
>
The text says so. Translation units are separate; semantic analysis is
finished in translation phase 7; linking in 8.

Translation phases are specified solely for the purpose of expressing
the precedence of the corresponding semantic rules. The standard
explicitly allows for the phases to be intermingled or even done out of
order, so long as the observable behavior is behavior that would be
permitted if they had been done in the order specified.

Out of translation phases 1-7 we get a concrete artifact: the translated
unit. That has externally visible features, like what symbols it
requires. Its behavior with regard to those symbols can be empirically
observed, validated by tests and expected to hold thereafter.

And the standard imposes no requirements on those externally visible
features, only on some (but not ALL) of the behavior that results from
executing the program.


Date Sujet#  Auteur
22 Mar 24 * Re: A Famous Security Bug24Kaz Kylheku
22 Mar 24 +* Re: A Famous Security Bug19Keith Thompson
22 Mar 24 i`* Re: A Famous Security Bug18Kaz Kylheku
22 Mar 24 i +* Re: A Famous Security Bug2James Kuyper
22 Mar 24 i i`- Re: A Famous Security Bug1Kaz Kylheku
22 Mar 24 i +- Re: A Famous Security Bug1David Brown
22 Mar 24 i `* Re: A Famous Security Bug14Keith Thompson
22 Mar 24 i  `* Re: A Famous Security Bug13Kaz Kylheku
23 Mar 24 i   `* Re: A Famous Security Bug12David Brown
23 Mar 24 i    `* Re: A Famous Security Bug11Kaz Kylheku
23 Mar 24 i     +* Re: A Famous Security Bug2David Brown
24 Mar 24 i     i`- Re: A Famous Security Bug1Kaz Kylheku
23 Mar 24 i     `* Re: A Famous Security Bug8James Kuyper
24 Mar 24 i      `* Re: A Famous Security Bug7Kaz Kylheku
24 Mar 24 i       `* Re: A Famous Security Bug6David Brown
24 Mar 24 i        `* Re: A Famous Security Bug5Kaz Kylheku
24 Mar 24 i         +* Re: A Famous Security Bug3David Brown
27 Mar 24 i         i`* Re: A Famous Security Bug2Kaz Kylheku
28 Mar 24 i         i `- Re: A Famous Security Bug1David Brown
24 Mar 24 i         `- Re: A Famous Security Bug1Chris M. Thomasson
22 Mar 24 +- Re: A Famous Security Bug1James Kuyper
22 Mar 24 `* Re: A Famous Security Bug3David Brown
22 Mar 24  `* Re: A Famous Security Bug2Kaz Kylheku
22 Mar 24   `- Re: A Famous Security Bug1David Brown

Haut de la page

Les messages affichés proviennent d'usenet.

NewsPortal