Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <878qs6m68f.fsf@oldenburg.str.redhat.com>
Date: Mon, 23 Dec 2024 22:36:48 +0100
From: Florian Weimer <fweimer@...hat.com>
To: Yuri Gribov <tetra2005@...il.com>
Cc: oss-security@...ts.openwall.com
Subject: Re: Re: Out-of-bounds read & write in the glibc's
 qsort()

* Yuri Gribov:

> On Mon, Dec 23, 2024 at 8:47 PM Florian Weimer <fweimer@...hat.com> wrote:
>> It's a bit odd that you disable reflexivity checks by default, but quite
>> a few of the issues reported are in this category.
>
> I think back then I wanted to make default settings free of false
> positives. Often sorted arrays may only contain unique elements and in
> such cases reflexivity checks are useless.

Are they?  In the longstanding glibc quicksort implementation (usually
hidden behind a merge sort), reflexivity was required to rediscover an
element that the implementation assumed to be there and dependent upon
for loop termination.  Other quicksort implementations seem to have
similar requirements.  For monomorphizing implementations such as
std::sort for C++ not doing the pointer (iterator) check actually makes
sense from a performance perspective.

Thanks,
Florian

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.