This is the mail archive of the gcc-bugs@gcc.gnu.org mailing list for the GCC project.



[Bug sanitizer/68065] Size calculations for VLAs can overflow


https://gcc.gnu.org/bugzilla/show_bug.cgi?id=68065

Martin Sebor <msebor at gcc dot gnu.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |msebor at gcc dot gnu.org

--- Comment #19 from Martin Sebor <msebor at gcc dot gnu.org> ---
By coincidence, I just raised the issue of sizeof overflow due to excessively
large VLA types with WG14 last week.  I wasn't aware of this issue or the
discussion until Marek pointed me at it (thanks!).  FWIW, I think this problem
should be handled in GCC rather than in UBSAN, by emitting a runtime check
(similar to what's done in the C++ new expression) at the point the excessively
large VLA type (not the object) is used in a way that would cause sizeof to
overflow, and trapping when the check fails.  I raised this with WG14 because
by my reading the standard seems to allow creating excessively large VLA types
and require the runtime sizeof expression to overflow (i.e., there is no
undefined behavior).  Once it's clarified that the behavior is, in fact,
undefined, the runtime check and trap will be justified.
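
The following is an added illustration of the overflow discussed in this comment and of the kind of runtime check it proposes; it is not part of Martin Sebor's comment, the bug report, or GCC's own code. It shows that `sizeof` applied to a VLA type is evaluated at run time as a plain product that wraps, and it puts an overflow-checked size computation at the point where the VLA type is used, failing instead of handing a wrapped size to `malloc`. The helper names, the constructed `huge_dim()` value, and the additional `PTRDIFF_MAX` cap are assumptions made for this example; `__builtin_mul_overflow` requires GCC 5 or later (or clang).

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* sizeof applied to a VLA type is evaluated at run time from n and m.
   No check guards the multiplication, so for large enough dimensions the
   result is a wrapped (and therefore meaningless) size. */
static size_t real_vla_sizeof(size_t n, size_t m)
{
    return sizeof(char[n][m]);
}

/* The same product done explicitly in size_t: unsigned wraparound is
   well-defined arithmetic, which is exactly why nothing diagnoses it. */
static size_t wrapped_vla_size(size_t n, size_t m)
{
    return n * m;
}

/* Constructed dimension for the demo (an assumption of this example):
   n = 2^(bits/2), so n*n == 2^bits, which wraps to 0 in size_t on both
   32-bit and 64-bit targets. */
static size_t huge_dim(void)
{
    return (size_t)1 << (sizeof(size_t) * 4);
}

/* Hypothetical runtime check, an illustration of what the comment proposes
   and not GCC's implementation: size of an n-by-m array of elem-byte
   elements, refusing any product that does not fit. Returns 0 on success
   and stores the size in *out; returns 1 if the type would be too large. */
static int checked_vla_size(size_t n, size_t m, size_t elem, size_t *out)
{
    size_t bytes;
    if (__builtin_mul_overflow(n, m, &bytes) ||
        __builtin_mul_overflow(bytes, elem, &bytes))
        return 1;
    /* Added stricter cap (an assumption of this example, not from the bug
       report): objects larger than PTRDIFF_MAX break pointer subtraction
       even when the byte count itself fits in size_t. */
    if (bytes > (size_t)PTRDIFF_MAX)
        return 1;
    *out = bytes;
    return 0;
}

/* Convenience wrapper: the checked size, or 0 when the check fails.
   (A zero-length array also yields 0; callers that must tell the two
   apart use checked_vla_size directly.) */
static size_t checked_vla_size_or_zero(size_t n, size_t m, size_t elem)
{
    size_t bytes;
    return checked_vla_size(n, m, elem, &bytes) ? 0 : bytes;
}

/* Where the check belongs: at the point the VLA type is used. Here a
   failed check returns NULL; a compiler-inserted check would trap instead.
   Compare with malloc(sizeof(char[n][m])), which for huge_dim() would
   request 0 bytes and hand back a pointer the caller then indexes as if
   it were 2^bits bytes long. */
static unsigned char *alloc_matrix(size_t n, size_t m)
{
    size_t bytes;
    if (checked_vla_size(n, m, 1, &bytes))
        return NULL;
    return malloc(bytes);
}

int main(void)
{
    size_t n = huge_dim();
    printf("n = %zu\n", n);
    printf("sizeof(char[n][n])           -> %zu (wrapped)\n", real_vla_sizeof(n, n));
    printf("n * n in size_t              -> %zu (wrapped)\n", wrapped_vla_size(n, n));
    printf("checked size of char[n][n]   -> %s\n",
           checked_vla_size_or_zero(n, n, 1) ? "ok" : "overflow, refused");
    printf("checked size of char[16][16] -> %zu\n",
           checked_vla_size_or_zero(16, 16, 1));
    unsigned char *p = alloc_matrix(n, n);
    printf("alloc_matrix(n, n)           -> %s\n", p ? "allocated (bug)" : "NULL (refused)");
    free(p);
    return 0;
}
```

The value printed for `sizeof(char[n][n])` is whatever the wrapped product happens to be (0 for the constructed dimension) and nothing in the language or the compiler flags it; the checked path is the only one that notices. Putting the check on the type rather than on a particular object matches the comment's point: the same overflowed size flows into every use of the type, not just into one declaration.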
