Bug originally reported against gcc 4.1.1 by Felix von Leitner, found at http://blog.fefe.de/?ts=bb5517a4 (filed as PR #30475).
This is sort of a "follow-up" bug report, but with a different _focus_ and a different _aim_, namely the gcc developers, especially Andrew Pinski, to provide a patch against older gcc versions to vendors that wish to or must continue to use them, which unbreaks the inability of "-fwrapv" to disable gcc optimising away code often used in security checks added to an existing legacy code base. These patches should be provided publicly, so that any operating system ven- dor who uses gcc2 or gcc3 can pick them up, because it is not MirBSD specific. I found out that gcc 3.4.6 (MirBSD; Propolice) and both gcc 2.95 and 3.4.3 on DragonFly BSD are vulnerable as well, but did not want to report that because they are heavily patched against the FSF version. However, Andrew Pinski writes in the following comment: http://gcc.gnu.org/bugzilla/show_bug.cgi?id=30475#c2 That adding "-fwrapv" to the command line should fix this important security issue. This, however, does not work for me on gcc 3.4.6 (MirBSD, of course), but I've got a shell account on a Debian GNU/Linux 4.0 box, whose sy- stem gcc 4.1.2 20061115 (prerelease) (Debian 4.1.1-21) indeed suppresses this optimisation with "-fwrapv". I then downloaded gcc-core-3.4.6.tar.gz (the pristine source), extracted and compiled it on that Debian box. [EMAIL PROTECTED]:~/test $ bin/bin/gcc -v Reading specs from /home/t/tglaser/test/bin/lib/gcc/i686-pc-linux-gnu/3.4.6/specs Configured with: ../gcc-3.4.6/configure --prefix=/home/t/tglaser/test/bin --enable-languages=c --disable-nls --disable-shared Thread model: posix gcc version 3.4.6 [EMAIL PROTECTED]:~/test $ rm -f a.out; bin/bin/gcc -O0 int.c && ./a.out 200 100 a.out: int.c:4: foo: Assertion `a+100 > a' failed. Aborted 134|[EMAIL PROTECTED]:~/test $ rm -f a.out; bin/bin/gcc -O1 int.c && ./a.out 200 100 -2147483549 2147483647 255|[EMAIL PROTECTED]:~/test $ rm -f a.out; bin/bin/gcc -O1 -fwrapv int.c && ./a.out 200 100 -2147483549 2147483647 255|[EMAIL PROTECTED]:~/test $ cat int.c #include <assert.h> int foo(int a) { assert(a+100 > a); printf("%d %d\n",a+100,a); return a; } int main() { foo(100); foo(0x7fffffff); } [EMAIL PROTECTED]:~/test $ rm -f a.out; bin/bin/gcc -Os -fwrapv int.c && ./a.out 200 100 -2147483549 2147483647 -- Summary: Integer Overflow detection code optimised away, -fwrapv broken Product: gcc Version: 3.4.6 Status: UNCONFIRMED Severity: critical Priority: P3 Component: c AssignedTo: unassigned at gcc dot gnu dot org ReportedBy: tg at mirbsd dot org GCC build triplet: i686-pc-linux-gnu GCC host triplet: i686-pc-linux-gnu GCC target triplet: i686-pc-linux-gnu http://gcc.gnu.org/bugzilla/show_bug.cgi?id=30477
