
[Repost] BCB compiler incorrectly handles the sizeof operator (vulnerability)

Source: XFOCUS (安全焦点)

Title: [xfocus-SD-060206] BCB compiler incorrectly handles the sizeof operator (vulnerability)

Affected version : <= BCB6+ent_upd4
Vendor: http://borland.com/
Url:


XFOCUS (http://www.xfocus.org) has discovered
a vulnerability in the BCB6 (ent_upd4) compiler.
It may cause an integer overflow if you misuse the sizeof operator.


/**
* check_compiler_sizeof_vulnerability.c
*
* Checks whether the compiler handles the sizeof operator correctly.
* A compiler that gets this wrong can cause an integer overflow if you
* use sizeof carelessly !!!
*
* note: some old compilers have this vulnerability!!!!
*
* by alert7@xfocus.org
*
* XFOCUS Security Team
* http://www.xfocus.org
*
* already tested:
*
* BCB6+ent_upd4....................................vuln !!!
* gcc version 4.0.0 20050519 (Red Hat 4.0.0-8).....not vuln
* gcc version 2.95.3-4(cygwin special).............not vuln
* gcc version egcs-2.91.66.........................not vuln
* cc: Sun WorkShop 6 2000/04/07 C 5.1 .............not vuln
* VC6+sp5..........................................not vuln, thanks eyas
* lcc version 3.8..................................not vuln, thanks tombkeeper
* evc4+sp4.........................................not vuln, thanks san
*
* REQUEST YOUR COMMENT:
* VC6 not sp5......................................?
* VC7..............................................?
* evc not sp4......................................?
* freebsd gcc version..............................?
* openbsd gcc version..............................?
* ...
*/
#include <stdio.h>

int main(int argc, char *argv[])
{
      int i = -1;

      printf("Check whether the compiler handles the sizeof operator correctly\n");
      printf("  by alert7@xfocus.org \n\n");

      /* sizeof(int) has type size_t (unsigned). Under the usual arithmetic
       * conversions the int operand i is converted to size_t, so -1 becomes
       * the largest size_t value and the comparison is true on a conforming
       * compiler. A compiler that compares as signed evaluates -1 > 4, gets
       * false, and takes the else branch. */
      if (i > sizeof ( int ) )
      {
           printf("This compiler is not vuln\n");
      }else
           printf("This compiler is vuln!!!\n");

      getchar();

      return 0;
}


--EOF
http://hi.baidu.com/fengze


According to my tests,
neither DEV C++ V4.9.9.2 nor VC6+SP6 has this vulnerability.


Additional note
DEV-C++ uses the GCC compiler.
More precisely, the MINGW compiler environment, the Windows port of GCC: GCC 3.4.2.


One emits a jle, the other a jbe; so it must not be treated as a signed number?
