The 'Security Digest' Archives (TM)

ARCHIVE: 'Phage List' - Archives (1988 - 1989)
DOCUMENT: phage #187 [Re: "does the official decompilation compile [to the] same binary"] (1 message, 656 bytes)
SOURCE: http://securitydigest.org/exec/display?f=phage/archive/187.txt&t=text/plain
NOTICE: securitydigest.org recognises the rights of all third-party works.

START OF DOCUMENT

From: Chris Torek <chris@mimsy.umd.edu>
To: phage
Date: Wed 02:24:27 09/11/1988 EST
Subject: Re: "does the official decompilation compile [to the] same binary"
References: [Thread Prev: 182] [Thread Next: 188] [Message Prev: 186] [Message Next: 189]

No.  Among other things, the perpetrator's compiler had a bug such
that code of the form

	extern int nifs;
	extern struct interface ifs[];

	ifs[nifs].if_foo = bar;
	baz = ifs[nifs].if_baz;

compiled into the sequence

	movl	_nifs,r0
	ashl	$5,r0,r0		# compute subscript offset
	movl	bar,_ifs+0x14		# and then forget to use it

	movl	_nifs,r0
	ashl	$5,r0,r0
	movl	_ifs+0x10,baz

In each case the last `movl' should say `_ifs+offset(r0)' rather
than just `_ifs+offset'.  It is possible (in pre 4.3tahoe versions
of the Vax PCC) to get this code sequence with source of the form:

	ifs[nifs];
	ifs[0].if_foo = bar;

but there is at least one place where arguments are being pushed
onto the stack in preparation for a function call where this source
sequence cannot be used.

Chris

END OF DOCUMENT
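
Added example (not part of the archived message, and not the author's code): a small C model of the two operand forms the message contrasts, showing that once `(r0)` is dropped every access lands in element 0, whatever nifs holds. The 32-byte stride and the 0x14/0x10 displacements are read off the listing above; the byte buffer, helper names and sample values are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Assumed layout: the message gives only the 32-byte element stride
 * (ashl $5) and the displacements 0x14 (if_foo) and 0x10 (if_baz). */
#define IF_SHIFT   5
#define OFF_IF_BAZ 0x10
#define OFF_IF_FOO 0x14
#define MAX_IFS    4

uint8_t ifs_mem[MAX_IFS << IF_SHIFT];          /* stands in for _ifs */

typedef size_t (*ea_fn)(size_t disp, size_t r0);

/* `_ifs+disp(r0)`: displacement plus the scaled subscript held in r0. */
size_t ea_indexed(size_t disp, size_t r0) { return disp + r0; }

/* `_ifs+disp`: the emitted form; r0 is computed and then ignored. */
size_t ea_absolute(size_t disp, size_t r0) { (void)r0; return disp; }

/* ifs[nifs].if_foo = bar; returns the element index actually written. */
int store_if_foo(ea_fn ea, int nifs, int32_t bar)
{
    size_t r0 = (size_t)nifs << IF_SHIFT;      /* movl _nifs,r0 ; ashl $5,r0,r0 */
    size_t addr = ea(OFF_IF_FOO, r0);
    memcpy(&ifs_mem[addr], &bar, sizeof bar);  /* movl bar,<operand> */
    return (int)(addr >> IF_SHIFT);
}

/* baz = ifs[nifs].if_baz, read through the chosen operand form. */
int32_t load_if_baz(ea_fn ea, int nifs)
{
    int32_t baz;
    size_t r0 = (size_t)nifs << IF_SHIFT;
    memcpy(&baz, &ifs_mem[ea(OFF_IF_BAZ, r0)], sizeof baz);
    return baz;
}

int main(void)
{
    int nifs = 2;                              /* constructed sample value */
    printf("intended:    writes ifs[%d]\n", store_if_foo(ea_indexed, nifs, 7));
    printf("as compiled: writes ifs[%d]\n", store_if_foo(ea_absolute, nifs, 7));
    return 0;
}
```

The two forms agree only when nifs is 0, which is why a recompiled source can behave identically in a quick test and still differ from the original binary.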