> security risk is limited to the theoretical possibility of the compiler using the same memory for other purposes.
that would be a completely different kind of bug, and we hope detected by our ASAN fuzzing.
Bug 1712171 Comment 4 Edit History
Note: The actual edited comment in the bug view page will always show the original commenter’s name and original timestamp.
> security risk is limited to the theoretical possibility of the compiler using the same memory for other purposes.
~~that would be a completely different kind of bug, and we hope detected by our ASAN fuzzing.~~
Updated: misunderstood what you were saying. Right, a compiler could in theory do something crazy in optimization if it thought no one was going to touch that memory for a bit. ASAN would not detect that. Seems unlikely enough to not be worth hiding the bug in this particular case, especially given the nature of the data.