https://gcc.gnu.org/bugzilla/show_bug.cgi?id=77992
--- Comment #13 from Kangjie Lu ---
(In reply to jos...@codesourcery.com from comment #10)
> If you care about information in bytes that are not part of a field with
> other semantic significance, you should use -Werror=padded to get errors
> o
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=77992
--- Comment #12 from Kangjie Lu ---
(In reply to Andreas Schwab from comment #11)
> The problem with that strategy is that padding is architecture dependent,
> and care must be taken not to introduce ABI breakage.
Agreed. Or a developer will hav
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=77992
--- Comment #11 from Andreas Schwab ---
The problem with that strategy is that padding is architecture dependent, and
care must be taken not to introduce ABI breakage.
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=77992
--- Comment #10 from joseph at codesourcery dot com ---
If you care about information in bytes that are not part of a field with
other semantic significance, you should use -Werror=padded to get errors
on structs with padding and use that infor
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=77992
--- Comment #9 from Kangjie Lu ---
(In reply to Andrew Pinski from comment #8)
> A simple google search (secure memset [glibc]) finds a few things:
> http://www.open-std.org/jtc1/sc22/wg14/www/docs/n1381.pdf
>
> https://sourceware.org/ml/libc-al
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=77992
--- Comment #8 from Andrew Pinski ---
A simple google search (secure memset [glibc]) finds a few things:
http://www.open-std.org/jtc1/sc22/wg14/www/docs/n1381.pdf
https://sourceware.org/ml/libc-alpha/2014-12/msg00506.html
https://www.securecodi
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=77992
--- Comment #7 from Kangjie Lu ---
(In reply to Andrew Pinski from comment #6)
> >More information can be found in our research paper:
> >http://www.cc.gatech.edu/~klu38/publications/unisan-ccs16.pdf
>
>
> You research paper is wrong and does
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=77992
--- Comment #6 from Andrew Pinski ---
>More information can be found in our research paper:
>http://www.cc.gatech.edu/~klu38/publications/unisan-ccs16.pdf
You research paper is wrong and does not consider C is an inherently insecure
language t
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=77992
Andrew Pinski changed:
What|Removed |Added
Status|UNCONFIRMED |RESOLVED
Component|driver