On Mon, Jul 15, 2013 at 5:59 PM, Alvaro Herrera
<alvherre@2ndquadrant.com> wrote:
> Xi Wang escribió:
>> Intel's icc and PathScale's pathcc compilers optimize away several
>> overflow checks, since they consider signed integer overflow as
>> undefined behavior. This leads to a vulnerable binary.
>
> This thread died without reaching a conclusion. Noah Misch, Robert Haas
> and Greg Stark each gave a +1 to the patches, but Tom Lane gave them a
> -inf; so they weren't applied. However, I think everyone walked away
> with the feeling that Tom is wrong on this.
>
> Meanwhile Xi Wang and team published a paper:
> http://pdos.csail.mit.edu/~xi/papers/stack-sosp13.pdf
>
> Postgres is mentioned a number of times in this paper -- mainly to talk
> about the bugs we leave unfixed.
>
> It might prove useful to have usable these guys' STACK checker output
> available continuously, so that if we happen to introduce more bugs in
> the future, it alerts us about that.
Yeah, I think we ought to apply those patches. I don't suppose you
have links handy?
--
Robert Haas
EnterpriseDB: http://www.enterprisedb.com
The Enterprise PostgreSQL Company