Once upon a time, Gregory Maxwell <gmaxwell@xxxxxxxxx> said: > But is it only me who worries that lots of people are running code > exposed to the internet that has obviously never even been run under > valgrind? Yeah, people are acting like Adobe Flash is the only program in the world to make this (unfortunately quite easy) mistake. ISTR some old configure scripts (the rn/trn/perl one maybe?) that actually checked memcpy's overlap behavior at compile time. Somebody else has already reported finding another program (in the Fedora distribution even) that suffered from the same problem. Yes, by standards, memcpy is free to explode the universe if you call it with overlapping source and destination. It doesn't mean it is the right thing to do, especially for a limited performance gain (and only on certain CPUs). Changing its behavior is an ABI change, even if an undocumented one. -- Chris Adams <cmadams@xxxxxxxxxx> Systems and Network Administrator - HiWAAY Internet Services I don't speak for anybody but myself - that's enough trouble. -- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel
