This is the mail archive of the gcc-patches@gcc.gnu.org mailing list for the GCC project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

Re: [PATCH v2] gcc/ubsan.c: Use 'pretty_print' for 'pretty_name' to avoid memory overflow

From: Jakub Jelinek <jakub at redhat dot com>
To: Chen Gang <gang dot chen dot 5i5j at gmail dot com>
Cc: Marek Polacek <polacek at redhat dot com>, "Joseph S. Myers" <joseph at codesourcery dot com>, rth at redhat dot com, Jeff Law <law at redhat dot com>, gcc-patches List <gcc-patches at gcc dot gnu dot org>
Date: Fri, 21 Nov 2014 22:57:00 +0100
Subject: Re: [PATCH v2] gcc/ubsan.c: Use 'pretty_print' for 'pretty_name' to avoid memory overflow
Authentication-results: sourceware.org; auth=none
References: <546FA8A9 dot 3090008 at gmail dot com>
Reply-to: Jakub Jelinek <jakub at redhat dot com>

On Sat, Nov 22, 2014 at 05:03:37AM +0800, Chen Gang wrote:
> According to the next code, 'pretty_name' may need additional bytes more
> than 16 (may have unlimited length for array type). There is an easy way
> to fix it: use 'pretty_print' for 'pretty_name'.
> 
> Let the code meet 2 white spaces alignment coding styles (originally,
> some of code is 1 white sapce alignment).
> 
> It passes testsuite under fedora 20 x86_64-unknown-linux-gnu.
> 
> 2014-11-22  Chen Gang  <gang.chen.5i5j@gmail.com>
> 
>         * ubsan.c (ubsan_type_descriptor): Use 'pretty_print' for
>         'pretty_name' to avoid memory overflow

Add a . at the end.

>        while (deref_depth-- > 0)
> -        pretty_name[pos++] = '*';
> -      pretty_name[pos++] = '\'';
> -      pretty_name[pos] = '\0';
> +	pp_star(&pretty_name);
> +      pp_quote(&pretty_name);

Formatting, missing space before (.  Happens many times in the patch.

>  	  if (dom && TREE_CODE (TYPE_MAX_VALUE (dom)) == INTEGER_CST)
> -	    pos += sprintf (&pretty_name[pos], HOST_WIDE_INT_PRINT_DEC,
> -			    tree_to_uhwi (TYPE_MAX_VALUE (dom)) + 1);
> +	    pp_printf (&pretty_name, HOST_WIDE_INT_PRINT_DEC,
> +		       tree_to_uhwi (TYPE_MAX_VALUE (dom)) + 1);

You don't know if TYPE_MAX_VALUE (dom) will fit into uhwi, and you are
using signed printing anyway.
You said that using pp_wide_int breaks too many tests, so perhaps
do
  if (tree_fits_uhwi_p (TYPE_MAX_VALUE (dom))
      && tree_to_uhwi (TYPE_MAX_VALUE (dom)) + 1 != 0)
    pp_printf (..., HOST_WIDE_INT_PRINT_UNSIGNED,
  else
    pp_wide_int (..., wi::to_widest (TYPE_MAX_VALUE (dom)) + 1);
?

	Jakub

Follow-Ups:
- Re: [PATCH v2] gcc/ubsan.c: Use 'pretty_print' for 'pretty_name' to avoid memory overflow
  - From: Chen Gang

References:
- [PATCH v2] gcc/ubsan.c: Use 'pretty_print' for 'pretty_name' to avoid memory overflow
  - From: Chen Gang

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]