const char *_pcre_ucp_names = "Any\0" "Arabic\0" "Armenian\0" ... "Zs";
This is a global variable. Anybody seeing what is wrong?
What this does is define a variable in .data (it's modifiable) which points to a constant string. This means
- An additional variable
- More attack points, the variable is writable
- An additional relocation
- Getting the string address requires a memory load and accessing the string itself requires two memory loads
People, think before writing code! All that is needed here is a name for the memory area containing the constant string. I.e.:
const char _pcre_ucp_names[] = "Any\0" "Arabic\0" "Armenian\0" ... "Zs";
See the difference? This one character removed and two added make all the difference in the world. The binary is smaller (at least 32 bytes on x86-64, more counting the simpler memory access in the actual code), one less relative relocation, faster code at runtime since the code to compute the string address needs no memory access.
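The two forms side by side, as an added example that is not part of the original post or of PCRE: the table is a constructed four-entry stand-in for the elided one, and the names `names_ptr`, `names_arr`, `pointer_can_be_redirected` and `ucp_offset` are hypothetical. It shows that the pointer is a separate writable object that can be retargeted at run time, while the array symbol is the string itself.

```c
#include <stdio.h>
#include <string.h>

/* Constructed stand-in for the table; the post elides the real contents. */
#define UCP_NAMES "Any\0" "Arabic\0" "Armenian\0" "Zs"

/* Pointer form: a writable pointer object plus the string it points to. */
const char *names_ptr = UCP_NAMES;

/* Array form: the symbol names the constant string directly. */
const char names_arr[] = UCP_NAMES;

size_t arr_size(void) { return sizeof names_arr; } /* bytes of string data */
size_t ptr_size(void) { return sizeof names_ptr; } /* bytes of the extra variable */

/* The pointer is not const, so any write to it retargets every later lookup.
 * The equivalent "names_arr = ..." does not compile: arrays are not assignable. */
int pointer_can_be_redirected(void)
{
    const char *saved = names_ptr;
    names_ptr = "Bogus";
    int changed = (strcmp(names_ptr, "Bogus") == 0);
    names_ptr = saved; /* restore for the rest of the program */
    return changed;
}

/* Walk a NUL-separated name table and return the offset of name, or -1. */
long ucp_offset(const char *table, size_t size, const char *name)
{
    size_t off = 0;
    while (off < size) {
        if (strcmp(table + off, name) == 0)
            return (long)off;
        off += strlen(table + off) + 1; /* skip this name and its NUL */
    }
    return -1;
}

int main(void)
{
    printf("array: %zu bytes, pointer variable: %zu extra bytes\n",
           arr_size(), ptr_size());
    printf("pointer redirectable: %d\n", pointer_can_be_redirected());
    printf("offset of Armenian: %ld\n",
           ucp_offset(names_arr, sizeof names_arr, "Armenian"));
    return 0;
}
```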