[fpc-devel] Const optimization is a serious bug

Max Vlasov max.vlasov at gmail.com
Mon Jul 4 23:33:43 CEST 2011


On Tue, Jul 5, 2011 at 12:39 AM, Chad Berchek <ad100 at vobarian.com> wrote:
> I've been reading over some of the recent discussion about reference
> counting problems with const string parameters. I've done some
> experiments and I believe that the so-called const optimization is a
> serious flaw, not just a corner case of questionable legitimacy. I have
> some sample code I will show which should be quite scary. Additionally,
> this is a security vulnerability. It is also a quiet bug, because it may
> go undetected for a long time but randomly result in unreproducible crashes.
>

Chad, I see your point, but you're exaggerating a little imho.

I tried this with Delphi 5; although the program lived, the string
became unusable and contained garbage afterwards, so probably Borland already
had this issue many years ago. Don't get me wrong, but if you want to
fool the compiler, you will always be able to do this since you're a
human and it is just a program :) It's subjective on my side, but if
it existed so many years in Borland/Inprise/Embarcadero products and I
cannot remember my own bug fixes related to something like this, I
consider your example more artificial than one might think. But I'm
not representative here, and maybe others have other examples.

Also, can someone else test this on later Delphi versions?

Max


