[Png-mng-security] potential optimizing away of initialization loop

Greg Roelofs newt at pobox.com
Thu Feb 5 00:59:35 UTC 2009


> I seem to recall in the past having trouble with optimizing
> compilers removing loops that apparently don't really do
> anything. In this bugfix we introduce the first loop in
>
>     for (i=0; i<n; i++)
>         element[i] = NULL;
>     for (i=0; i<n; i++)
>         element[i] = png_malloc(...);
>
> I think the presence of the call to an external function
> i.e., png_malloc() in the second loop will prevent the first
> loop from being optimized away. Is that correct, and
> therefore we should not worry about it?

I don't think so.  The compiler can trivially see that the assignment
(regardless of the value) in the second loop is whacking the previous
assignment, so the latter isn't necessary.

Only way to be sure is to check the assembler output, but in general,
function calls protect you only when your data member is being passed
as an argument, not when it's being assigned.

Greg
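The two-loop pattern under discussion, as an added example that is not from the libpng source or from either poster: a constructed allocator that fails on demand (`test_malloc` and `fail_after` are hypothetical names) exercises the two-loop form, whose cleanup reads every slot and therefore needs the NULL stores to survive, beside a counted form whose error path only touches slots that were definitely assigned and so does not depend on the initialization loop at all.

```c
#include <stdlib.h>

/* Constructed failure injector: -1 never fails, k makes the (k+1)th call fail. */
int fail_after = -1;

static void *test_malloc(size_t sz) {
    if (fail_after == 0) return NULL;
    if (fail_after > 0) fail_after--;
    return malloc(sz);
}

static void free_rows(void **element, size_t n) {
    size_t i;
    if (element == NULL) return;
    for (i = 0; i < n; i++) free(element[i]);   /* free(NULL) is a no-op */
    free(element);
}

/* Two-loop form: the cleanup walks all n slots, so slots past the failure
 * point must still hold NULL; the first loop is not a dead store here. */
static void **alloc_rows_two_loops(size_t n, size_t row_bytes) {
    size_t i;
    void **element = malloc(n * sizeof *element);
    if (element == NULL) return NULL;
    for (i = 0; i < n; i++)
        element[i] = NULL;
    for (i = 0; i < n; i++) {
        element[i] = test_malloc(row_bytes);
        if (element[i] == NULL) {
            free_rows(element, n);       /* reads the NULL slots */
            return NULL;
        }
    }
    return element;
}

/* Counted form: the error path frees exactly the `done` rows that were
 * allocated, so correctness never rests on a separate initialization loop. */
static void **alloc_rows_counted(size_t n, size_t row_bytes) {
    size_t done;
    void **element = malloc(n * sizeof *element);
    if (element == NULL) return NULL;
    for (done = 0; done < n; done++) {
        element[done] = test_malloc(row_bytes);
        if (element[done] == NULL) {
            free_rows(element, done);    /* only the assigned slots */
            return NULL;
        }
    }
    return element;
}
```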


