Serializing long double variables leaks uninitialized memory #625
Comments
¹ it's at least unspecified. C2x says that accessing padding of integers, unions and structures is unspecified, but doesn't say anything about floating-point values, so it may be formally undefined. I haven't dug into the C++ standard on this one.
Thank you @stephentyrone. Do you know of any portable way to extract the relevant (eg. non-padding) number of bytes of a long double? Something like a
I don't have a fully general method. The following will work correctly for any system you are likely to encounter that uses IEEE 754 floating-point types, but is not perfectly general.
FYI, this issue has been assigned the following CVE number: CVE-2020-11104
Serializing the C/C++ native type long double stores uninitialized data into the serialized form. Compile and run the following program with valgrind to observe this.
It is apparently an inherent trait of the long double type that even an initialized variable leaves some of its raw storage uninitialized. This gives valgrind errors when compiled with both gcc and clang: