Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20130822083233.GA21932@domone.kolej.mff.cuni.cz>
Date: Thu, 22 Aug 2013 10:32:33 +0200
From: Ondřej Bílka <neleai@...nam.cz>
To: Stephen Röttger <stephen.roettger@...il.com>
Cc: oss-security@...ts.openwall.com, gcc@....gnu.org
Subject: Re: PoC: Function Pointer Protection in C Programs

On Wed, Aug 21, 2013 at 07:04:58PM +0200, Stephen Röttger wrote:
> 
> > What is performance impact for program that just qsorts big array? It
> > looks like worst case scenario for me.
> 
> I just put together a quick test program that sorts an array of 10^6
> integers and stopped the execution time using "time". The results are as
> follows (+- 0,01s):
> 
> protection disabled, -O0:
> ./sort_nofpp_0  0,19s user 0,02s system 98% cpu 0,215 total
> 
> protection enabled, -O0
> ./sort_fpp_0  0,54s user 0,01s system 99% cpu 0,549 total
> 
> protection disabled, -O3
> ./sort_nofpp_3  0,15s user 0,01s system 98% cpu 0,157 total
> 
> protection enabled, -O3
> ./sort_fpp_3  0,51s user 0,00s system 99% cpu 0,511 total
> 
> So this makes quite a difference:
> 0,19s -> 0,54s
> 0,15s -> 0,51s

After bit of thought a loops with callback can be optimized by gcc.

It could be possible to teach CSE to rewrite

while(foo){
 check(p);
 (*p)(x,y,z);
}

into 

check(p);
while(foo){
 (*p)(x,y,z);
}

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.