author | Eugene Teo <eteo@redhat.com> | 2009-07-15 14:59:10 +0800 |
---|---|---|
committer | Willy Tarreau <w@1wt.eu> | 2009-07-20 00:00:25 +0200 |
commit | c23e12166a48df3c8a36a8263f37f5da8928e6b5 (patch) | |
tree | 0577bf9dd5e45ef7ad3d196bf6a058ec02a1fe88 | |
parent | f59f05521f88820e7198170bb3e95bb1cfaa1dca (diff) | |
download | linux-2.4-c23e12166a48df3c8a36a8263f37f5da8928e6b5.tar.gz |
Add '-fno-delete-null-pointer-checks' to gcc CFLAGS

[backported from 2.6 commit a3ca86aea507904148870946d599e07a340b39bf]

Turning on this flag could prevent the compiler from optimising away
some "useless" checks for null pointers. Such bugs can sometimes become
exploitable at compile time because of the -O2 optimisation.

See http://gcc.gnu.org/onlinedocs/gcc-4.1.2/gcc/Optimize-Options.html

An example that clearly shows this 'problem' is commit 6bf67672.
static void __devexit agnx_pci_remove(struct pci_dev *pdev)
{
struct ieee80211_hw *dev = pci_get_drvdata(pdev);
- struct agnx_priv *priv = dev->priv;
+ struct agnx_priv *priv;
AGNX_TRACE;
if (!dev)
return;
+ priv = dev->priv;
By reverting this patch, and compiling it with and without the
-fno-delete-null-pointer-checks flag, we can see that the check for dev
is compiled away.
call printk #
- testq %r12, %r12 # dev
- je .L94 #,
movq %r12, %rdi # dev,
Clearly the 'fix' is to stop using dev before it is tested, but building
with -fno-delete-null-pointer-checks flag at least makes it harder to
abuse.
Signed-off-by: Eugene Teo <eugeneteo@kernel.sg>
Acked-by: Eric Paris <eparis@redhat.com>
Acked-by: Wang Cong <amwang@redhat.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
[wt: make this flag conditional on 2.4 as older gccs don't have it]
Signed-off-by: Willy Tarreau <w@1wt.eu>
-rw-r--r-- | Makefile | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/Makefile b/Makefile index e59f11117edfef..83d413a72f8050 100644 --- a/Makefile +++ b/Makefile @@ -105,6 +105,9 @@ if_gcc4 = $(shell if echo __GNUC__ | $(CC) -E -xc - | grep -q '^4$$' > /dev/null # disable pointer signedness warnings in gcc 4.0 CFLAGS += $(call check_gcc,-Wno-pointer-sign,) +# disable stupid and dangerous "optimization" in gcc 3.2+ +CFLAGS += $(call check_gcc,-fno-delete-null-pointer-checks,) + # # ROOT_DEV specifies the default root-device when making the image. # This can be either FLOPPY, CURRENT, /dev/xxxx or empty, in which case |
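Review bot: the comment on the added CFLAGS line ("disable stupid and dangerous "optimization" in gcc 3.2+") does not say what the flag preserves or why, so a later reader of the Makefile cannot tell that it is a hardening measure rather than a compiler workaround. Suggest wording it along the lines of "keep NULL pointer checks that follow a dereference (gcc 3.2+)", which matches the commit message. Also, because check_gcc is called with an empty fallback, a compiler that rejects -fno-delete-null-pointer-checks builds without it and without any notice; the comment should say that older compilers get no such protection. As the commit message itself notes, the flag only makes dereference-before-check bugs harder to abuse, so it would help to say in the comment that such code still needs fixing at the source.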