It's the compiler's fault - how good source code becomes a vulnerable implementation

As a faculty member who has taught programming classes for many years, I have stressed the value of writing good code, with the requisite error checks. Some languages like C/C++ need to be compiled, and over the years, compilers have been augmented with the capacity to make "smart" decisions about the source code, usually to improve execution speed or to warn of dangerous omissions ("you did remember to initialize that value, right?").

Brad Spengler, a security researcher, has demonstrated an instance of code where the compiler's "smart" logic actually degrades the overall security of the resulting binary by introducing a vulnerability that until now seemed unexploitable.

After reading the SANS ISC post below, you might just be right to claim that it was the compiler's fault: "the compiler will introduce the vulnerability to the binary code, which didn't exist in the source code."
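The pattern behind this case, as an added C example that is not from the SANS post or from Spengler's work (the struct and function names are constructed stand-ins): a pointer is dereferenced before it is checked for NULL, so the optimizer may treat the dereference as proof that the pointer is valid and delete the later check, even though the check is plainly present in the source.

```c
#include <stddef.h>
#include <stdio.h>

/* Constructed stand-in for a driver object; not any real kernel structure. */
struct dev {
    int *state;
    int  flags;
};

/* Problematic pattern: d is dereferenced (d->state) BEFORE the NULL test.
 * Dereferencing NULL is undefined behaviour in C, so an optimizing compiler is
 * allowed to assume d is non-NULL from that point on and remove `if (!d)`
 * entirely (GCC does so unless built with -fno-delete-null-pointer-checks).
 * The check exists in the source; it may not exist in the binary. */
int poll_unsafe(struct dev *d)
{
    int *state = d->state;   /* dereference happens here */
    if (!d)                  /* may be optimized away as "always false" */
        return -1;
    return *state + d->flags;
}

/* Hardened form: test the pointer before any use of it. No path relies on
 * undefined behaviour, so no optimization level can remove the check. */
int poll_safe(struct dev *d)
{
    if (!d)
        return -1;
    return *d->state + d->flags;
}

/* Small wrappers so the behaviour can be checked on constructed input. */
int demo_safe_valid(void)   { int s = 5; struct dev d = { &s, 3 }; return poll_safe(&d); }
int demo_unsafe_valid(void) { int s = 5; struct dev d = { &s, 3 }; return poll_unsafe(&d); }
int demo_safe_null(void)    { return poll_safe(NULL); }

int main(void)
{
    printf("poll_safe(valid)   = %d\n", demo_safe_valid());   /* 8 */
    printf("poll_unsafe(valid) = %d\n", demo_unsafe_valid()); /* 8 */
    printf("poll_safe(NULL)    = %d\n", demo_safe_null());    /* -1 */
    /* poll_unsafe(NULL) is deliberately not called: once the check is gone,
     * the NULL dereference executes instead of the early return. */
    return 0;
}
```

Compiling the first function with `-O2` and inspecting the assembly shows the missing test; the kernel's response at the time was to build with `-fno-delete-null-pointer-checks`, which is the flag the second comment refers to.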

As someone who has helped grow generations of students into programmers, I find the suggested fix unacceptable, as it puts the burden on the programmer to know how the compiler will optimize the code. A "smart" compiler should not penalize a programmer for being extra careful with his/her code.

Src: A new fascinating Linux kernel vulnerability | SANS ISC
