This is the mail archive of the gcc-bugs@gcc.gnu.org mailing list for the GCC project.
[Bug sanitizer/68065] Size calculations for VLAs can overflow
- From: "joseph at codesourcery dot com" <gcc-bugzilla at gcc dot gnu dot org>
- To: gcc-bugs at gcc dot gnu dot org
- Date: Wed, 11 Nov 2015 22:51:55 +0000
- Subject: [Bug sanitizer/68065] Size calculations for VLAs can overflow
- Auto-submitted: auto-generated
- References: <bug-68065-4 at http dot gcc dot gnu dot org/bugzilla/>
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=68065
--- Comment #30 from joseph at codesourcery dot com <joseph at codesourcery dot com> ---
On Wed, 11 Nov 2015, ch3root at openwall dot com wrote:
> 4. From the POV of the standard I don't see much difference between VLA
> and ordinary arrays in this question. AFAICT the standard doesn't place
> limits on constructed types of any kind and hence oversized types are
> permitted by the standard. See comment #3 (or pr68107) for a practical
"permitted by" only in the sense of "the standard does not require
implementations to reject them". It is not intended that the listed
implementation limits are the only limits that there may be, at compile
time or run time.
> 3. The same for sizes of objects. There is an environmental limit for
> "bytes in an object" but it's marked as "(in a hosted environment
> only)". So there is no such limit in the standard for a freestanding
> implementation, right? But I doubt that you are supposed to be able to
No, what's "in a hosted environment only" is the requirement that the
implementation translate and execute some program with a 65535-byte object
(and an instance of the other given limits, simultaneously); freestanding
implementations may have an object size limit smaller than 65535 bytes.
That is, effectively, C99 and above do not support hosted environments
with a 16-bit address space; systems with a 16-bit address space are only
supported for freestanding implementations.
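Added example, not part of the original message or of GCC: since the message notes that an implementation may have object size limits beyond those the standard lists, a caller can validate the byte count of a variably sized array before creating it. The names `checked_array_bytes`, `diagonal_sum` and `MAX_ARRAY_BYTES`, and the 1 MiB cap, are assumptions made for this illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdlib.h>

/* Assumed policy cap chosen for this example (1 MiB); it is not a limit
   taken from the C standard or from GCC. */
#define MAX_ARRAY_BYTES ((size_t)1 << 20)

/* Compute rows * cols * elem_size without wrapping. Returns 1 and stores
   the byte count in *out if every dimension is nonzero and the product is
   representable and within MAX_ARRAY_BYTES; returns 0 otherwise. */
int checked_array_bytes(size_t rows, size_t cols, size_t elem_size,
                        size_t *out)
{
    /* A VLA dimension that evaluates to zero is undefined behaviour. */
    if (rows == 0 || cols == 0 || elem_size == 0)
        return 0;
    if (cols > SIZE_MAX / elem_size)      /* cols * elem_size would wrap */
        return 0;
    size_t row_bytes = cols * elem_size;
    if (rows > SIZE_MAX / row_bytes)      /* rows * row_bytes would wrap */
        return 0;
    size_t total = rows * row_bytes;
    if (total > MAX_ARRAY_BYTES)
        return 0;
    *out = total;
    return 1;
}

/* Build a rows x cols int matrix through a pointer to a variably modified
   type, set its diagonal to 1 and return the sum of all elements.
   Returns -1 if the size is rejected or the allocation fails. */
long diagonal_sum(size_t rows, size_t cols)
{
    size_t bytes;
    if (!checked_array_bytes(rows, cols, sizeof(int), &bytes))
        return -1;
    int (*m)[cols] = calloc(1, bytes);    /* sizeof *m is known not to wrap */
    if (m == NULL)
        return -1;
    for (size_t i = 0; i < rows && i < cols; i++)
        m[i][i] = 1;
    long sum = 0;
    for (size_t r = 0; r < rows; r++)
        for (size_t c = 0; c < cols; c++)
            sum += m[r][c];
    free(m);
    return sum;
}
```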