Consider the following trivial test program (test.m)-
    #include <objc/objc.h>
    #include <objc/Object.h>
    #include <objc/Protocol.h>
    @protocol TestProtocol
    + testMethod;
    @end
    int main()
    {
      [@protocol(TestProtocol) descriptionForInstanceMethod: @selector(name)];
      return 0;
    }
If you compile it using the command 'gcc test.m -lobjc' and then run a.out, you will get a segmentation violation. This is because TestProtocol contains only a class method, but we tried to look up an instance method ... the lookup should have returned a null pointer rather than crashing.
There is a simple fix to the file Protocol.m in the objc runtime ...
diff Protocol.m Protocol.m.old 83c83 < if (instance_methods != 0) --- > for (i = 0; i < instance_methods->count; i++) 85,89c85,86 < for (i = 0; i < instance_methods->count; i++) < { < if (!strcmp ((char*)instance_methods->list[i].name, name)) < return &(instance_methods->list[i]); < } --- > if (!strcmp ((char*)instance_methods->list[i].name, name)) > return &(instance_methods->list[i]); 113c110 < if (class_methods != 0) --- > for (i = 0; i < class_methods->count; i++) 115,119c112,113 < for (i = 0; i < class_methods->count; i++) < { < if (!strcmp ((char*)class_methods->list[i].name, name)) < return &(class_methods->list[i]); < } --- > if (!strcmp ((char*)class_methods->list[i].name, name)) > return &(class_methods->list[i]);
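Review bot: the diff is taken in the reverse direction ('diff Protocol.m Protocol.m.old'), so the '<' lines at 83 and 113 are the fixed code and the '>' lines are the original, and it is a plain diff with no context lines. Regenerating it old-to-new in unified form ('diff -u Protocol.m.old Protocol.m') would let it apply in the forward direction and show the surrounding function. The new guards 'if (instance_methods != 0)' and 'if (class_methods != 0)' would read more clearly as comparisons against NULL, and a regression test built from test.m should accompany the change so the lookup on a class-method-only protocol stays covered.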
I can confirm this on 2.95.3 and on the mainline (20030704). Would you mind reading <http://gcc.gnu.org/contribute.html> and sending your patch to gcc-patches@gcc.gnu.org?
Subject: Re: Crash due to dereferencing null pointer when querying protocol
On Friday, July 4, 2003, at 06:15 PM, pinskia at physics dot uc dot edu wrote:
> ------- Additional Comments From pinskia at physics dot uc dot edu 2003-07-04 17:15 -------
> I can confirm this on 2.95.3 and on the mainline (20030704).
> Would you mind reading <http://gcc.gnu.org/contribute.html> and sending your patch to
> gcc-patches@gcc.gnu.org?
>
OK. I sent it in.
Patch here: <http://gcc.gnu.org/ml/gcc-patches/2003-07/msg00447.html>
Bug confirmed 2003-12-01. The patch looks good to me, but it isn't compliant with the coding standards. I will revise it.
Subject: Bug 11433
CVSROOT: /cvs/gcc
Module name: gcc
Changes by: zack@gcc.gnu.org 2003-12-01 23:30:00
Modified files:
    gcc/testsuite : ChangeLog
    libobjc : ChangeLog Protocol.m
Added files:
    gcc/testsuite/objc.dg: proto-lossage-3.m
Log message:
    PR 11433
    gcc/testsuite:
    * objc.dg/proto-lossage-3.m: New test.
    libobjc:
    * Protocol.m (descriptionForInstanceMethod): Don't dereference instance_methods if it's NULL.
    (descriptionForClassMethod): Likewise for class_methods.
Patches:
    http://gcc.gnu.org/cgi-bin/cvsweb.cgi/gcc/gcc/testsuite/ChangeLog.diff?cvsroot=gcc&r1=1.3216&r2=1.3217
    http://gcc.gnu.org/cgi-bin/cvsweb.cgi/gcc/gcc/testsuite/objc.dg/proto-lossage-3.m.diff?cvsroot=gcc&r1=NONE&r2=1.1
    http://gcc.gnu.org/cgi-bin/cvsweb.cgi/gcc/libobjc/ChangeLog.diff?cvsroot=gcc&r1=1.103&r2=1.104
    http://gcc.gnu.org/cgi-bin/cvsweb.cgi/gcc/libobjc/Protocol.m.diff?cvsroot=gcc&r1=1.4&r2=1.5
Patch applied to mainline. This is not a regression - the bug has been around since 2.95 - but the fix is very low risk so it might be a 3.3 candidate anyway. But that's not my decision. Closing bug.
Subject: Re: Crash due to dereferencing null pointer when querying protocol
"zack at gcc dot gnu dot org" <gcc-bugzilla@gcc.gnu.org> writes:
| Patch applied to mainline.
|
| This is not a regression - the bug has been around since 2.95 - but
| the fix is very low risk so it might be a 3.3 candidate anyway.
| But that's not my decision. Closing bug.
I'm accepting non-regression fixes too, til December 31. If you have any chance to apply it to 3_3-branch, that would be appreciated.
Thanks,
-- Gaby
Subject: Bug 11433
CVSROOT: /cvs/gcc
Module name: gcc
Branch: gcc-3_3-branch
Changes by: zack@gcc.gnu.org 2003-12-02 01:59:37
Modified files:
    gcc/testsuite : ChangeLog
    libobjc : ChangeLog Protocol.m
Added files:
    gcc/testsuite/objc.dg: proto-lossage-3.m
Log message:
    PR 11433
    gcc/testsuite:
    * objc.dg/proto-lossage-3.m: New test.
    libobjc:
    * Protocol.m (descriptionForInstanceMethod): Don't dereference instance_methods if it's NULL.
    (descriptionForClassMethod): Likewise for class_methods.
Patches:
    http://gcc.gnu.org/cgi-bin/cvsweb.cgi/gcc/gcc/testsuite/ChangeLog.diff?cvsroot=gcc&only_with_tag=gcc-3_3-branch&r1=1.2261.2.319&r2=1.2261.2.320
    http://gcc.gnu.org/cgi-bin/cvsweb.cgi/gcc/gcc/testsuite/objc.dg/proto-lossage-3.m.diff?cvsroot=gcc&only_with_tag=gcc-3_3-branch&r1=NONE&r2=1.1.2.1
    http://gcc.gnu.org/cgi-bin/cvsweb.cgi/gcc/libobjc/ChangeLog.diff?cvsroot=gcc&only_with_tag=gcc-3_3-branch&r1=1.87.4.10&r2=1.87.4.11
    http://gcc.gnu.org/cgi-bin/cvsweb.cgi/gcc/libobjc/Protocol.m.diff?cvsroot=gcc&only_with_tag=gcc-3_3-branch&r1=1.3&r2=1.3.20.1
Ok, applied to 3.3 branch too.
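The failure mode fixed in this thread, modelled in plain C as an added example (not code from libobjc or from anyone in the thread): a protocol whose instance-method table pointer is NULL because it declares only a class method, queried through a lookup that treats a missing table as "not found". The struct and function names are hypothetical, and the sample protocol is constructed to mirror TestProtocol from the report.

```c
#include <stddef.h>
#include <string.h>

/* Hypothetical model of a protocol's method tables; not libobjc's real types. */
struct method_desc { const char *name; const char *types; };
struct method_desc_list { int count; struct method_desc *list; };
struct protocol_model {
    struct method_desc_list *instance_methods; /* NULL when none are declared */
    struct method_desc_list *class_methods;    /* NULL when none are declared */
};

/* Guarded lookup: an absent table or name yields NULL instead of a dereference.
   Without the first check, methods->count faults when the table is missing,
   which is the crash described in the report. */
static struct method_desc *
find_desc(struct method_desc_list *methods, const char *name)
{
    int i;

    if (methods == NULL || name == NULL)
        return NULL;
    for (i = 0; i < methods->count; i++)
        if (strcmp(methods->list[i].name, name) == 0)
            return &methods->list[i];
    return NULL;
}

struct method_desc *instance_desc(struct protocol_model *p, const char *name)
{ return find_desc(p->instance_methods, name); }

struct method_desc *class_desc(struct protocol_model *p, const char *name)
{ return find_desc(p->class_methods, name); }

/* Constructed sample data: one class method, no instance methods. */
static struct method_desc test_class_descs[] = { { "testMethod", "(constructed)" } };
static struct method_desc_list test_class_list = { 1, test_class_descs };
struct protocol_model test_protocol = { NULL, &test_class_list };

int main(void)
{
    /* Same query as test.m: instance lookup on a class-method-only protocol. */
    if (instance_desc(&test_protocol, "name") != NULL)
        return 1;
    return class_desc(&test_protocol, "testMethod") != NULL ? 0 : 1;
}
```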