Re: [Tinycc-devel] Proposal for handling alloca(). Anyone see a problem with it?

From: Philippe Ribet
Subject: Re: [Tinycc-devel] Proposal for handling alloca(). Anyone see a problem with it?
Date: Tue, 08 May 2007 09:22:02 +0200
User-agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.6) Gecko/20040413 Debian/1.6-5
David A. Wheeler wrote:
> I said earlier:
>> So maybe it's not so hard to implement alloca() traditionally... I'll need to
>> investigate how it interacts with the buffer-overflow detection stuff
>
> After looking over the original papers about it, and the tcc code, doing the
> buffer-overflow stuff for alloca() looks pretty easy!
>
> It appears that alloca() just needs to call __bound_new_region(void *p,
> unsigned long size). Since alloca()'ed code may be an array, to make it work
> with bounds-checking, alloca should reserve at least one more byte (I'd reserve
> 4 more bytes, for alignment).
alloca(3), with the extra byte for bound checking, will give you the
right alignment. No need to reserve 4 bytes.
I just read the Linux manpage for alloca. It's quite interesting and not
so long, so I copy it here.
ALLOCA(3)                 Linux Programmer's Manual                 ALLOCA(3)

NAME
    alloca - memory allocator

SYNOPSIS
    #include <alloca.h>

    void *alloca(size_t size);

DESCRIPTION
    The alloca function allocates size bytes of space in the stack frame of
    the caller. This temporary space is automatically freed when the function
    that called alloca returns to its caller.

RETURN VALUE
    The alloca function returns a pointer to the beginning of the allocated
    space. If the allocation causes stack overflow, program behaviour is
    undefined.

CONFORMING TO
    There is evidence that the alloca function appeared in 32v, pwb, pwb.2,
    3bsd, and 4bsd. There is a man page for it in BSD 4.3. Linux uses the GNU
    version. This function is not in POSIX or SUSv3.

NOTES ON THE GNU VERSION
    Normally, gcc translates calls to alloca by inlined code. This is not done
    when either the -ansi or the -fno-builtin option is given. But beware! By
    default the glibc version of <stdlib.h> includes <alloca.h> and that
    contains the line

        # define alloca(size) __builtin_alloca (size)

    with messy consequences if one has a private version of this function.

    The fact that the code is inlined means that it is impossible to take the
    address of this function, or to change its behaviour by linking with a
    different library.

    The inlined code often consists of a single instruction adjusting the
    stack pointer, and does not check for stack overflow. Thus, there is no
    NULL error return.

BUGS
    The alloca function is machine and compiler dependent. On many systems its
    implementation is buggy. Its use is discouraged.

    On many systems alloca cannot be used inside the list of arguments of a
    function call, because the stack space reserved by alloca would appear on
    the stack in the middle of the space for the function arguments.
After reading this, I don't think we absolutely have to implement alloca
to work in the hardest cases if it's a pain to implement.
Best regards,
--
Philippe Ribet
The README file said
"Requires Windows 95, NT 4.0, or better."
So... I installed it on Linux!
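The point argued in the exchange above (an alloca() registered with tcc's bounds checker must reserve one byte beyond the requested size, and that byte plus round-up is what keeps the stack aligned) can be shown with a small model. This is an added example, not tcc's code: `bound_new_region`, `bound_ptr_ok`, the region table and the static buffer standing in for stack space are all constructed here to mimic what `__bound_new_region(p, size)` feeds.

```c
#include <stdint.h>
#include <stddef.h>

/* Constructed stand-in for the bounds checker's region table. */
#define MAX_REGIONS 16
struct region { uintptr_t start; size_t size; };
static struct region regions[MAX_REGIONS];
static int nregions;

/* Bytes an alloca() wrapper should actually reserve: size + 1 so that a
 * pointer one-past-the-end of an array is still inside the region, then
 * rounded up so the stack pointer stays aligned to `align` (a power of 2).
 * alloca(3) with align 4 gives 4: the extra byte alone reaches alignment. */
size_t bounded_alloca_size(size_t size, size_t align)
{
    return (size + 1 + align - 1) & ~(align - 1);
}

/* Models __bound_new_region(p, size): record [p, p+size) as valid. */
int bound_new_region(void *p, size_t size)
{
    if (nregions == MAX_REGIONS)
        return -1;
    regions[nregions].start = (uintptr_t)p;
    regions[nregions].size = size;
    nregions++;
    return 0;
}

/* 1 if p falls inside a registered region, 0 if the checker would reject it. */
int bound_ptr_ok(const void *p)
{
    uintptr_t a = (uintptr_t)p;
    for (int i = 0; i < nregions; i++)
        if (a >= regions[i].start && a < regions[i].start + regions[i].size)
            return 1;
    return 0;
}

/* Registering exactly `n` bytes makes the legal pointer p+n look like an
 * overflow; registering the padded size accepts it. Returns 1 if both hold. */
int demo_one_past_end(void)
{
    static unsigned char stack_slot[64];   /* constructed stand-in for stack */
    size_t n = 10;
    nregions = 0;
    bound_new_region(stack_slot, n);
    int exact_rejects = !bound_ptr_ok(stack_slot + n);
    nregions = 0;
    bound_new_region(stack_slot, bounded_alloca_size(n, 4));   /* 12 bytes */
    int padded_accepts = bound_ptr_ok(stack_slot + n);
    return exact_rejects && padded_accepts;
}
```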