Hi,
please be careful with any recent gcc if you expect it to compile v3/lib/lar.c the way it is intended to. We are likely to be affected by US-CERT Vulnerability Note VU#162289: C compilers may silently discard some wraparound checks.
More info here:
http://lwn.net/Articles/278137/
http://www.kb.cert.org/vuls/id/162289
Basically, it turned out that a long-time recommended C secure programming practice depended on undefined behaviour and nobody figured this out for years. Now that compilers optimize away undefined code, all those wraparound checks explode.
Most of the proposed fixes to existing code so far have been ugly (casting pointers to unsigned long) or advocate changing the code structure (calling an extra function to check for wraparound).
v3/lib/lar.c:find_file() has the following for loop:
    char *walk;
    [...]
    for (walk = archive->start;
         (walk < (char *)(archive->start + archive->len - sizeof(struct lar_header))) &&
         (walk >= (char *)archive->start);
         walk += 16) {
AFAICS the check (walk >= (char *)archive->start) can be optimized away.
Pointers to other possibly affected code would be appreciated. Statements about the correctness of that for loop would be appreciated as well.
Regards,
Carl-Daniel
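
An added example, not part of the original message and not coreboot code: one way to write the kind of walk quoted above so that it needs no pointer wraparound check, by iterating over a size_t offset instead of a pointer. The names demo_header, demo_archive, demo_find, demo_run and the DEMO_MAGIC marker are hypothetical stand-ins, and the 64-byte archive is constructed sample data.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define DEMO_MAGIC "DEMOHDR0"  /* constructed 8-byte marker, not the real LAR magic */
#define DEMO_ALIGN 16          /* same stride as the loop quoted above */
#define NOT_FOUND  ((size_t)-1)

struct demo_header {           /* hypothetical stand-in for struct lar_header */
	char magic[8];
	uint32_t len;
	char name[20];
};

struct demo_archive {          /* hypothetical stand-in for the archive descriptor */
	const unsigned char *start;
	size_t len;
};

/* Walk by offset: every comparison is on size_t values, whose arithmetic is
 * fully defined, and no pointer outside [start, start + len] is ever formed. */
size_t demo_find(const struct demo_archive *a, const char *name)
{
	struct demo_header h;
	size_t off, last;

	if (a->len < sizeof(h))
		return NOT_FOUND;       /* keeps len - sizeof(h) from wrapping */
	last = a->len - sizeof(h);      /* last offset where a header still fits */
	for (off = 0; ; off += DEMO_ALIGN) {
		memcpy(&h, a->start + off, sizeof(h));
		if (memcmp(h.magic, DEMO_MAGIC, 8) == 0 &&
		    strncmp(h.name, name, sizeof(h.name)) == 0)
			return off;
		if (last - off < DEMO_ALIGN)
			break;          /* next step would pass 'last' (or wrap) */
	}
	return NOT_FOUND;
}

/* Constructed sample: 64-byte archive with one header at offset 32. */
size_t demo_run(const char *name, size_t len)
{
	static unsigned char buf[64];
	struct demo_header h;
	struct demo_archive a = { buf, len > sizeof(buf) ? sizeof(buf) : len };

	memset(&h, 0, sizeof(h));
	memcpy(h.magic, DEMO_MAGIC, 8);
	strcpy(h.name, "payload");
	memcpy(buf + 32, &h, sizeof(h));
	return demo_find(&a, name);
}
```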