[Full-disclosure] Major gcc 4.1.1 and up security issue
Gwiasda Patrick
patrick.gwiasda at itellium.com
Tue Jan 16 10:52:36 GMT 2007
Hi,
this looks strange.
I have made a test with gcc 4.03. The assertation was thrown correctly.
So, is this only with gcc > 4.1?
It seems that the interpretation of the standard was in gcc 4.03
"better".
~$ ./a.out
200 100
a.out: test.c:5: foo: Assertion `(int)(a+100) > 0' failed.
Aborted
kt1360 at a06006ru:~$ gcc --version
gcc (GCC) 4.0.3 (Ubuntu 4.0.3-1ubuntu5)
Copyright (C) 2006 Free Software Foundation, Inc.
This is free software; see the source for copying conditions. There is
NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR
PURPOSE.
Regards
Patrick
Full-Disclosure is hosted and sponsored by Secunia.