On 28/09/2023 12:55, Siddhesh Poyarekar wrote: > +Security features implemented in GCC > +------------------------------------ > + [...] > + > + Similarly, GCC may transform code in a way that the correctness of > + the expressed algorithm is preserved, but supplementary properties > + that are not specifically expressible in a high-level language > + are not preserved. Examples of such supplementary properties > + include absence of sensitive data in the program's address space > + after an attempt to wipe it, or data-independent timing of code. > + When the source code attempts to express such properties, failure > + to preserve them in resulting machine code is not a security issue > + in GCC.
I think it would be worth mentioning here that compilers interpret source code according to an abstract machine defined by the source language. Properties of a program that cannot be described in the abstract machine may not be translated into the generated machine code. This is, fundamentally, describing the 'as if' rule. R.
