Elevator Pitch
You might be the most cautious developer; however, the compiler might be too clever and silently apply optimizations that throw away your carefully crafted code. I will show some optimizations that broke real code (such as Tor), a practical example, some workarounds, and an invitation to contribute to gcc.
Description
There are some techniques to avoid vulnerabilities, such as zeroing buffers placed on the stack before leaving functions; however, modern optimization techniques such as Dead Store Elimination (DSE) may lead the compiler to think that the call is not necessary, and thus remove it. In this talk I will present well-known security-related software examples where compiler optimizations led to software vulnerabilities; I will also show a live toy example of exploiting a vulnerability caused by a compiler optimization; then I will show common workarounds such as OS-provided functions and other techniques; finally, I will introduce some compiler internals and invite people to contribute to mainstream compilers to avoid these situations, with some ideas such as enhanced diagnostics and code generation.
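As an added example (not code from the talk), here is the memset-before-return pattern that DSE can remove, beside a hardened version that routes the wipe through a volatile function pointer so the store counts as observable; all names are illustrative. The dropped call can only be seen in the generated assembly (for example, compile with `gcc -O2 -S` and look for the memset call in each function), which is why the talk asks attendees to be able to read assembly.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* A volatile function pointer to memset: the compiler cannot prove what is
 * called through it, so the store is treated as observable and kept.
 * explicit_bzero() / memset_s(), where available, serve the same purpose. */
static void *(*const volatile secure_memset_fn)(void *, int, size_t) = memset;

void secure_zero(void *p, size_t n) { secure_memset_fn(p, 0, n); }

/* Toy "key expansion" (constructed for this example): expands a secret into a
 * stack scratch buffer, folds it into a checksum, then wipes the buffer.
 * Assumes len > 0. */
uint32_t derive_naive(const uint8_t *secret, size_t len) {
    uint8_t scratch[64];
    uint32_t acc = 0;
    for (size_t i = 0; i < sizeof scratch; i++) {
        scratch[i] = (uint8_t)(secret[i % len] ^ (uint8_t)i);
        acc = acc * 31u + scratch[i];
    }
    /* scratch is never read again, so this is a dead store: DSE at -O2 may
     * drop it and leave the expanded secret on the stack. */
    memset(scratch, 0, sizeof scratch);
    return acc;
}

uint32_t derive_hardened(const uint8_t *secret, size_t len) {
    uint8_t scratch[64];
    uint32_t acc = 0;
    for (size_t i = 0; i < sizeof scratch; i++) {
        scratch[i] = (uint8_t)(secret[i % len] ^ (uint8_t)i);
        acc = acc * 31u + scratch[i];
    }
    secure_zero(scratch, sizeof scratch);  /* survives optimization */
    return acc;
}

/* Sanity check that secure_zero really clears memory that is read afterwards
 * (a live buffer, so this check itself cannot be optimized away). */
int secure_zero_works(void) {
    uint8_t buf[32];
    uint8_t residue = 0;
    memset(buf, 0xAA, sizeof buf);
    secure_zero(buf, sizeof buf);
    for (size_t i = 0; i < sizeof buf; i++) residue |= buf[i];
    return residue == 0;
}
```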
Notes
I am a former GNU toolchain maintainer (mostly gcc). With this talk, I want to achieve three goals: 1) raise awareness of this risk; 2) give the tools to both detect when this happens and mitigate it; 3) encourage attendees to actively participate in the compiler community to bring in security-oriented features. To achieve this, rather than providing a gcc internals training in 20 minutes, I will offer myself as a mentor for compiler hacking to those interested in participating in compiler development from the security point of view. I will provide a general high-level overview of the relevant compiler optimization techniques and will focus on DSE as a particular example suitable for this talk length. Being able to read and understand assembly is needed.