
Re: MIT discovered issue with gcc



[...]
> Isn't it interesting that their one example will potentially dereference
> the null pointer even before compiler optimizations (from the paper):
> 
> struct tun_struct *tun = ...;
> struct sock *sk = tun->sk;      /* dereference happens first */
> if (!tun) return POLLERR;       /* NULL check only afterwards */
> 
>  The check to see that tun is non-null should occur before use, as in -
> quite frankly it is useless to check after as tun cannot be the null
> pointer (the program hasn't crashed):
> 
[...]

They do say in the paper that the code possibly dereferences a null pointer,
irrespective of optimisation. Thus the code was always broken; it might
just have been missed, because compilers could have considered reordering the
instructions or maybe substituting the expression tun->sk for sk.

Best,
Michael

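As an added illustration (not code from the paper, the kernel, or either poster), here is the quoted ordering beside the corrected one. The struct and POLL* definitions are constructed stand-ins for the kernel types; the function names and the small demo helpers are made up for this example.

```c
#include <stddef.h>
#include <stdio.h>

/* Constructed stand-ins for the kernel types used in the quoted example. */
#define POLLIN  0x0001u
#define POLLERR 0x0008u

struct sock { int readable; };
struct tun_struct { struct sock *sk; };

/* The ordering from the quoted snippet: tun->sk is read BEFORE tun is
 * checked. With tun == NULL this is undefined behaviour whether or not the
 * compiler optimises. Because the dereference already happened, an
 * optimising compiler is entitled to assume tun != NULL and drop the check,
 * so the function may carry on with a bogus sk instead of returning POLLERR.
 * Never call this with NULL. */
static unsigned int poll_unsafe(struct tun_struct *tun)
{
    struct sock *sk = tun->sk;   /* dereference first */
    if (!tun)                    /* check second: may be deleted at -O2 */
        return POLLERR;
    return sk->readable ? POLLIN : 0;
}

/* Hardened ordering: the check dominates every use of tun, so there is no
 * undefined behaviour for the optimiser to exploit and a NULL tun always
 * yields POLLERR. */
static unsigned int poll_safe(struct tun_struct *tun)
{
    if (!tun)
        return POLLERR;
    struct sock *sk = tun->sk;
    return sk->readable ? POLLIN : 0;
}

/* Demo helpers with constructed inputs, so the results can be checked. */
unsigned int demo_safe_null(void)
{
    return poll_safe(NULL);          /* -> POLLERR */
}

unsigned int demo_safe_readable(void)
{
    struct sock s = { 1 };
    struct tun_struct t = { &s };
    return poll_safe(&t);            /* -> POLLIN */
}

unsigned int demo_unsafe_readable(void)
{
    struct sock s = { 1 };
    struct tun_struct t = { &s };
    return poll_unsafe(&t);          /* -> POLLIN (valid pointer, no UB) */
}

int main(void)
{
    printf("poll_safe(NULL)      = 0x%x (POLLERR = 0x%x)\n",
           demo_safe_null(), POLLERR);
    printf("poll_safe(valid)     = 0x%x\n", demo_safe_readable());
    printf("poll_unsafe(valid)   = 0x%x\n", demo_unsafe_readable());
    /* poll_unsafe(NULL) is deliberately not called: it is undefined. */
    return 0;
}
```

Two practical notes. GCC's `-fno-delete-null-pointer-checks` stops the optimiser from removing checks that follow a dereference (the Linux kernel builds with it since this class of bug surfaced), but it is a safety net, not a fix: the dereference itself remains undefined, and the only real remedy is the ordering shown in `poll_safe`. Building with `-fsanitize=undefined` will also flag the NULL dereference at run time if a test ever drives `poll_unsafe` with a NULL pointer.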