5

I'm curious about compiling with gcc/g++/clang with the assumption that headers and implementation files are user-provided, but not the build configuration. (i.e., no cd lib && make)

What if the user could provide object files to link against too (static libraries)? How about user-provided compiler/linker flags thrown into the mix?

Could a malicious user bring a system down (exhaust resources) or could they even run arbitrary code this way if all they could do is submit *.cc, *.hh, and *.a files, possibly compiler flags, and have the system compile and link it all together (but not run it)?

PSkocik

2 Answers

7

It is not only possible, it has been documented several times in the past.

http://www.cvedetails.com/vulnerability-list/vendor_id-72/product_id-960/GNU-GCC.html

For example, http://www.cvedetails.com/cve/CVE-2008-1367/ shows a memory corruption attack that could lead to various types of compromise, if they were sufficiently exploited.

A compiler is just as susceptible as any other program to bugs and malformed input.

J Kimball
4

At least C++ compilation is Turing complete, so it is possible/easy to produce an infinite loop impacting system performance and producing infinite output (exhausting RAM and/or disk space).

More info on how C++ compilation is Turing complete: https://stackoverflow.com/questions/189172/c-templates-turing-complete

  • 1
    Compilers typically guard against infinite loops, and therefore against infinite output, by having limits for all recursions/iterations as a matter of quality of implementation. Those are controlled by flags, so if one is in control of those flags they are "safe". That being said, C++ can yield very large error messages, and there are "challenges" which showed off that a ~128- or ~256-byte C++ program could cause gcc to emit MBs of error messages. – Matthieu M. Oct 06 '16 at 07:00
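
One way a build service could contain the resource exhaustion discussed in the answers above, as an added example that is not part of any answer on this page: submitter flags are checked against an allowlist, the compiler's own recursion and error limits are fixed by the service, and the compiler process runs under OS limits for CPU, memory and file size. The function names, the allowlist and the limit values are assumptions; `-fmax-errors` is the GCC spelling (clang uses `-ferror-limit`).

```python
import resource
import subprocess
import tempfile

# Limits fixed by the build service, never by the submitter (values are assumptions).
FIXED_FLAGS = ["-ftemplate-depth=128", "-fconstexpr-depth=128", "-fmax-errors=5"]
# Hypothetical allowlist; any flag not listed here is rejected outright.
ALLOWED_USER_FLAGS = {"-O0", "-O1", "-O2", "-Wall", "-Wextra", "-std=c++14", "-std=c++17"}


def build_flags(user_flags):
    """Validate submitter flags, then append the service's fixed limits."""
    rejected = [f for f in user_flags if f not in ALLOWED_USER_FLAGS]
    if rejected:
        raise ValueError("flags not on allowlist: %r" % rejected)
    return list(user_flags) + FIXED_FLAGS


def _cap(which, value):
    """Lower one rlimit, never asking for more than the current hard limit."""
    _, hard = resource.getrlimit(which)
    if hard != resource.RLIM_INFINITY:
        value = min(value, hard)
    resource.setrlimit(which, (value, value))


def run_limited(argv, cwd=None, cpu_s=10, mem_bytes=2 << 30,
                file_bytes=32 << 20, wall_s=60, max_log=64 * 1024):
    """Run argv under CPU, memory and file-size limits; return (returncode, log)."""
    def limits():  # runs in the child between fork and exec
        _cap(resource.RLIMIT_CPU, cpu_s)
        _cap(resource.RLIMIT_AS, mem_bytes)
        _cap(resource.RLIMIT_FSIZE, file_bytes)  # also caps the diagnostics file
        _cap(resource.RLIMIT_CORE, 0)

    with tempfile.TemporaryFile() as log:
        proc = subprocess.Popen(argv, cwd=cwd, stdin=subprocess.DEVNULL,
                                stdout=log, stderr=subprocess.STDOUT,
                                preexec_fn=limits)
        try:
            proc.wait(timeout=wall_s)
        except subprocess.TimeoutExpired:  # blocked without burning CPU
            proc.kill()
            proc.wait()
        log.seek(0)
        return proc.returncode, log.read(max_log)


def compile_untrusted(source, user_flags, workdir):
    """Compile one submitted file to an object in workdir; nothing is executed."""
    argv = ["g++", "-c", source, "-o", "out.o"] + build_flags(user_flags)
    return run_limited(argv, cwd=workdir)
```

These limits address runaway compilation and oversized diagnostics only; compiler memory-corruption bugs of the kind cited in the first answer call for running the whole step in an isolated, unprivileged environment as well.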