[OTR-dev] 4.0.0-rc3 ready to roll. Please try it out!
gdt at ir.bbn.com
Mon Sep 3 19:40:54 EDT 2012
Ian Goldberg <ian at cypherpunks.ca> writes:
> On Mon, Sep 03, 2012 at 06:40:08PM -0400, Greg Troxel wrote:
>> Ian Goldberg <ian at cypherpunks.ca> writes:
>> > OK, then I guess the thing to do is just to turn off hardening for that
>> > build environment? [I believe the hardening is only actually enabled
>> > when -O2 is on, regardless of whether the compiler options are specified
>> > or not, so turning it to -O1 or -O0 will also turn off hardening, so you
>> > may as well just turn off the hardening and leave it at -O2.]
>> I was going to leave on SSP and use -O1, but if SSP really needs -O2, I
>> might as well use -O2 and no SSP.
> That's my understanding.
I'll look into this more; probably when libotr is really released and I
update - then I can point people to it easily.
>> I plan to just do that for all of
>> pkgsrc to start; it doesn't seem that harmful (or -O1 didn't).
>> There's still a tiny chance there's something sick going on where the
>> code is buggy and with SSP things can be proved to always overwrite so
>> it just returns, and thus the compiler is right. But I'll give that
>> only 2 in 10^4, esp. since I'd expect an abort if SSP triggers.
> If that were the case, I'd expect later versions of gcc to behave the
> same way, though? Well, I guess not necessarily. But if gcc 4.1.3 is
> _correctly_ optimizing away a good chunk of the whole function, then
> something is wrong in the common case, and valgrind would have reported
> it, I'd think?
Yes, that's why I am giving that scenario (buggy code, defensible gcc)
vanishingly small odds.
It would be really nice to have a test case run with make check.
Perhaps just creating two contexts and having them communicate and see
if it ends up with transferred plaintext. Then it's much easier to
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 194 bytes
Desc: not available
More information about the OTR-dev