>Sun's compilers for sparc come with a very nice feature: the debugger
>can instrument an a.out and check for some classes of errors at runtime.
>There's also a very nice batch interface to this: "bcheck -all a.out".
>
>Unfortunately this mechanism doesn't work properly in any version of
>Forte Developer 6 to date: it fails to detect many obvious buffer out
>of bounds array references. This is Sun bugID 4460648, which I'm told
>is marked as "Completed Closed" and "Not Fixed".
It's not marked any of that; it's in Open/accepted state.
>While this isn't a security problem per-se, given that many people rely
>on this (and similar) tools to test their software for a popular class
>of security related bugs, it is a notable defect.
>
>/* Compile me, then run "bcheck -all a.out".
> Half the bugs will be missed. */
>#include <stdlib.h>
>int main() {
> char *a = malloc(10);
> a[11]=9; /*hit*/
> a[20]=9; /*miss*/
> a[7190]=9; /*miss*/
> a[8190]=9; /*hit*/
> exit(0);
>}
Notice that when you leave out the first assignment, the debugger
will trigger on the second one, so perhaps it has some sort of
minimum granularity for warnings.
Strangly, it warns for both if you swap them.
It never warns for a[7190]=9 which is curious.
(ANd yes, xhost + should be stomped on)
Casper
