Tiny C Compiler (TCC) 0.9.23 (aka TinyCC) evaluates the "i>sizeof(int)" expression to false when i equals -1, which might introduce integer overflow vulnerabilities into applications that could be exploited by context-dependent attackers.
Tiny C Compiler contains a flaw that may have security implications for programs compiled with it. The compiler fails to return unsigned values for the sizeof operator, resulting in potential integer overflows in the objects it compiles.
Currently, there are no known workarounds or upgrades to correct this issue. However, Fabrice Bellard has released a patch (changesets 417 and 418) to address this vulnerability.
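The following is an added example, not code from the advisory or from the TCC sources. It shows a bounds check that depends on sizeof being unsigned, a model of the signed comparison the advisory describes, a hardened check that does not depend on the compiler, and a build self-test based on the advisory's own expression. The buffer, its size and all function names are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdio.h>

#define BUF_SIZE 16                 /* constructed sample size */
static char buf[BUF_SIZE];

/* Fragile: rejects negative len only because sizeof is unsigned, so the
 * int is converted to size_t and -1 becomes SIZE_MAX. */
int accept_fragile(int len)
{
    return !(len > sizeof(buf));
}

/* Model of the comparison as the advisory describes it under TCC 0.9.23:
 * sizeof treated as signed, so len is compared without conversion. */
int accept_as_signed_sizeof(int len)
{
    return !(len > (int)sizeof(buf));   /* -1 is accepted */
}

/* Hardened: correct whichever type the compiler gives sizeof. */
int accept_hardened(int len)
{
    return !(len < 0 || (size_t)len > sizeof(buf));
}

/* Build self-test: 1 when "i > sizeof(int)" is true for i == -1,
 * as standard C requires. */
int sizeof_compare_is_unsigned(void)
{
    volatile int i = -1;            /* volatile: compare at run time */
    return i > sizeof(int) ? 1 : 0;
}

int main(void)
{
    printf("compiler ok: %d\n", sizeof_compare_is_unsigned());
    printf("fragile(-1)=%d signed-model(-1)=%d hardened(-1)=%d\n",
           accept_fragile(-1), accept_as_signed_sizeof(-1),
           accept_hardened(-1));
    return sizeof_compare_is_unsigned() ? 0 : 1;
}
```

A non-zero exit status from this program means the compiler that built it evaluates the comparison as signed, so any length check written like `accept_fragile` in code built with that compiler needs the explicit negative test.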