This is the mail archive of the gcc-patches@gcc.gnu.org mailing list for the GCC project.



Re: Proposed Patch for Bug 69687


On Mar 2, 2016, at 12:33 AM, Marcel Böhme <boehme.marcel@gmail.com> wrote:
> Please find attached the proposed patch for Bug 69687: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=69687
> 
> * Limiting the length of the mangled string to 264k characters.

No.  This isn’t in the spirit of GNU software.

> * Limiting the loop iterations to 256 (max. of C++ function parameters).

No.

Instead, find the bit of the code that is wrong and fix that.  From the PR:

> The function string_need (cplus-dem.c:4751) checks whether sufficient memory is available to append size-of-arg more characters. If not, xrealloc decl with n=2*(length of decl + length of arg) characters. Since n is a signed int, n wraps over at some iteration.

So, check for overflow, or better use unsigned values that are large enough to never overflow.  With no possibility for overflow, you can then retest the bug and see if there are any other failure modes and fix those.
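The size check suggested in the reply above, written out as an added example; it is not part of the original message and is not libiberty's code. The names `gstr`, `grow_size`, `fits_in_int` and `gstr_append` are hypothetical, and plain `realloc` stands in for `xrealloc`. The size 2*(used + extra) is computed in `size_t` and refused when it cannot be represented, so it never wraps.

```c
#include <limits.h>
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical growable string; names are illustrative, not libiberty's. */
struct gstr { char *buf; size_t len; size_t cap; };

/* New capacity 2 * (used + extra), computed in size_t with explicit checks.
   Returns 0 and stores the size, or -1 if it cannot be represented. */
static int grow_size(size_t used, size_t extra, size_t *out)
{
    if (extra > SIZE_MAX - used || used + extra > SIZE_MAX / 2)
        return -1;                 /* the sum or the doubling would wrap */
    *out = 2 * (used + extra);
    return 0;
}

/* Would the same value fit the signed int the PR says n was stored in? */
static int fits_in_int(size_t used, size_t extra)
{
    size_t n;
    return grow_size(used, extra, &n) == 0 && n <= (size_t)INT_MAX;
}

/* Append n bytes, growing first if needed; -1 on overflow or allocation failure. */
static int gstr_append(struct gstr *s, const char *src, size_t n)
{
    size_t cap;
    char *p;
    if (n > s->cap - s->len) {
        if (grow_size(s->len, n, &cap) != 0 || (p = realloc(s->buf, cap)) == NULL)
            return -1;             /* existing buffer is left intact */
        s->buf = p;
        s->cap = cap;
    }
    memcpy(s->buf + s->len, src, n);
    s->len += n;
    return 0;
}

int main(void)
{
    struct gstr s = {0};
    int rc = gstr_append(&s, "abc", 3);   /* constructed sample input */
    free(s.buf);
    return rc == 0 && !fits_in_int(INT_MAX / 2, 1) ? 0 : 1;
}
```

`fits_in_int` marks the point where a signed `int` size stops being able to hold the doubled length, which is the wrap the PR describes.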
