Описание
gcc 4.2.0 through 4.3.0 in GNU Compiler Collection, when casts are not used, considers the sum of a pointer and an int to be greater than or equal to the pointer, which might lead to removal of length testing code that was intended as a protection mechanism against integer overflow and buffer overflow attacks, and provide no diagnostic message about this removal. NOTE: the vendor has determined that this compiler behavior is correct according to section 6.5.6 of the C99 standard (aka ISO/IEC 9899:1999)
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | ignored | |
| edgy | DNE | |
| feisty | DNE | |
| gutsy | ignored | end of life, was needed |
| hardy | ignored | |
| intrepid | ignored | |
| jaunty | ignored | |
| karmic | ignored | |
| upstream | ignored |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | ignored | |
| edgy | DNE | |
| feisty | DNE | |
| gutsy | DNE | |
| hardy | DNE | |
| intrepid | ignored | |
| jaunty | ignored | |
| karmic | ignored | |
| upstream | ignored |
Показывать по
Ссылки на источники
6.8 Medium
CVSS2
Связанные уязвимости
gcc 4.2.0 through 4.3.0 in GNU Compiler Collection, when casts are not used, considers the sum of a pointer and an int to be greater than or equal to the pointer, which might lead to removal of length testing code that was intended as a protection mechanism against integer overflow and buffer overflow attacks, and provide no diagnostic message about this removal. NOTE: the vendor has determined that this compiler behavior is correct according to section 6.5.6 of the C99 standard (aka ISO/IEC 9899:1999)
gcc 4.2.0 through 4.3.0 in GNU Compiler Collection, when casts are not used, considers the sum of a pointer and an int to be greater than or equal to the pointer, which might lead to removal of length testing code that was intended as a protection mechanism against integer overflow and buffer overflow attacks, and provide no diagnostic message about this removal. NOTE: the vendor has determined that this compiler behavior is correct according to section 6.5.6 of the C99 standard (aka ISO/IEC 9899:1999)
gcc 4.2.0 through 4.3.0 in GNU Compiler Collection, when casts are not ...
** DISPUTED ** gcc 4.2.0 through 4.3.0 in GNU Compiler Collection, when casts are not used, considers the sum of a pointer and an int to be greater than or equal to the pointer, which might lead to removal of length testing code that was intended as a protection mechanism against integer overflow and buffer overflow attacks, and provide no diagnostic message about this removal. NOTE: the vendor has determined that this compiler behavior is correct according to section 6.5.6 of the C99 standard (aka ISO/IEC 9899:1999).
Уязвимость набора компиляторов для различных языков программирования GNU Compiler Collection (GCC), связанная с некорректной обработкой суммы указателя и целого числа, позволяющая нарушителю вызвать отказ в обслуживании или оказать иное воздействие
6.8 Medium
CVSS2