I understand if this patch may not be 100% correct, but if I read the references correctly, the error is more of theoretical than practical concern since this particular compiler optimization is not likely to be implemented in the GNU compiler. Do we really think that GNU would include an optimization that broke 95% of the bounds checking implementations existing in the wild?
- Bug#708164: nginx proxy_pass buffer overflow (CVE-2013-2070) Cyril Lavier
- Bug#708164: nginx proxy_pass buffer overflow (CVE-2013-2... steven hay
- Bug#708164: nginx proxy_pass buffer overflow (CVE-2013-2... steven hay