There are several bugs about failure to do access checking for template parameters and in function templates (PR 40901, PR 41437, PR 45011, PR 45917) but I don't think this is a dup of any of them

class C {
  struct Private { };
};

template<typename T>
struct exploit1
{
  typedef C::Private type;
};

exploit1<int>::type x1;  // error

// similarly for base-specifier

template<typename T>
struct exploit2 : C::Private
{
};

exploit2<int> x2;  // error
*** Bug 49388 has been marked as a duplicate of this bug. ***
Another variation of the same theme is:

class C {
  struct Private { };
};

template<typename T>
struct exploit3
{
  template<class U = C::Private>
  struct E {};
};

void bar()
{
  exploit3<int>::E<> e;
}
Created attachment 24985
Work in progress patch

I am currently testing this patch.

The problem I see is twofold.

First, the infrastructure I added a while back to do access checking of references to types, at template instantiation time, was limited to typedefs. This bug seems to suggest that the access checking should be done for references to all types, not just typedefs.

Second, add_typedef_to_current_template_for_access_check assumes that a "current template" is present. When we are parsing the class header (e.g. the base clause) or the template parameter list, the "current template" is not present yet. In that case, a possible solution is to stash away, for some short while, the type access that is to be checked, until the current template becomes available. This is the approach taken by this patch.
Candidate fix posted to http://gcc.gnu.org/ml/gcc-patches/2011-08/msg01404.html
Out of curiosity, does the posted patch fix at once *all* the issues mentioned in the Description? It would be great to have it!
"paolo.carlini at oracle dot com" <gcc-bugzilla@gcc.gnu.org> wrote:

> Out of curiosity, does the posted patch fix at once *all* the issues mentioned
> in the Description?

Yes it does, AFAICT.

> It would be great to have it!

I am onto something else at the moment, but I intend to address Jason's comment to the patch I posted when I am done. Sorry for the delay.
Great. By the way, I think I didn't see any comment, that's why I asked ;)
The comment was posted in another month:

http://gcc.gnu.org/ml/gcc-patches/2011-09/msg00536.html

Another hint at why we need a better patch/comments tracker :)
*** Bug 50097 has been marked as a duplicate of this bug. ***
Even simpler:

class B {
  struct C {};
};

template <class T>
struct A {
  B::C c;
};

A<int> a;
Dodji, any news? ;)
*** Bug 59081 has been marked as a duplicate of this bug. ***
*** Bug 59191 has been marked as a duplicate of this bug. ***
*** Bug 61816 has been marked as a duplicate of this bug. ***
Bug 58896 looks closely related. Would it be changed by the proposed patch? Should it be made a duplicate?
*** Bug 58896 has been marked as a duplicate of this bug. ***
*** Bug 51584 has been marked as a duplicate of this bug. ***
The master branch has been updated by Patrick Palka <ppalka@gcc.gnu.org>:

https://gcc.gnu.org/g:92bed036098928cd4659c8990e14cf7ad040e0c2

commit r11-1350-g92bed036098928cd4659c8990e14cf7ad040e0c2
Author: Patrick Palka <ppalka@redhat.com>
Date: Tue Jun 16 08:21:33 2020 -0400

    c++: Improve access checking inside templates [PR41437]

    This patch generalizes our existing functionality for deferring access
    checking of typedefs when parsing a function or class template to now
    defer all kinds of access checks until template instantiation time,
    including member function and member object accesses.

    Since all access checks eventually go through enforce_access, the main
    component of this patch is new handling inside enforce_access to defer
    the current access check if we're inside a template. The bulk of the
    rest of the patch consists of removing now-unneeded code pertaining to
    suppressing access checks inside templates or pertaining to
    typedef-specific access handling. Renamings and other changes with no
    functional impact have been split off into the followup patch.

    gcc/cp/ChangeLog:

    PR c++/41437
    PR c++/47346
    * call.c (enforce_access): Move to semantics.c.
    * cp-tree.h (enforce_access): Delete.
    (get_types_needing_access_check): Delete.
    (add_typedef_to_current_template_for_access_check): Delete.
    * decl.c (make_typename_type): Adjust accordingly. Use
    check_accessibility_of_qualified_id instead of directly using
    perform_or_defer_access_check.
    * parser.c (cp_parser_template_declaration_after_parameters): Don't
    push a dk_no_check access state when parsing a template.
    * pt.c (get_types_needing_access_check): Delete.
    (append_type_to_template_for_access_check_1): Delete.
    (perform_typedefs_access_check): Adjust. If type_decl is a
    FIELD_DECL, also check its DECL_CONTEXT for dependence. Use
    tsubst_copy instead of tsubst to substitute into type_decl so that
    we substitute into the DECL_CONTEXT of a FIELD_DECL.
    (append_type_to_template_for_access_check): Delete.
    * search.c (accessible_p): Remove the processing_template_decl
    early exit.
    * semantics.c (enforce_access): Moved from call.c. If we're
    parsing a template and the access check failed, add the check to
    TI_TYPEDEFS_NEEDING_ACCESS_CHECKING.
    (perform_or_defer_access_check): Adjust comment.
    (add_typedef_to_current_template_for_access_check): Delete.
    (check_accessibility_of_qualified_id): Adjust accordingly.
    Exit early if the scope is dependent.

    gcc/testsuite/ChangeLog:

    PR c++/41437
    PR c++/47346
    * g++.dg/cpp2a/concepts-using2.C: Adjust.
    * g++.dg/lto/20081219_1.C: Adjust.
    * g++.dg/lto/20091002-1_0.C: Adjust.
    * g++.dg/lto/pr65475c_0.C: Adjust.
    * g++.dg/opt/dump1.C: Adjust.
    * g++.dg/other/pr53574.C: Adjust.
    * g++.dg/template/access30.C: New test.
    * g++.dg/template/access31.C: New test.
    * g++.dg/wrappers/wrapper-around-type-pack-expansion.C: Adjust.

    libstdc++-v3/ChangeLog:

    PR libstdc++/94003
    * testsuite/20_util/is_constructible/94003.cc: New test.
The master branch has been updated by Patrick Palka <ppalka@gcc.gnu.org>:

https://gcc.gnu.org/g:668ef28fbb44c1e51d9c5a35b421903c98d87b03

commit r11-1351-g668ef28fbb44c1e51d9c5a35b421903c98d87b03
Author: Patrick Palka <ppalka@redhat.com>
Date: Tue Jun 16 08:21:36 2020 -0400

    c++: Clean up previous change [PR41437]

    The previous patch mostly avoided making any changes that had no
    functional impact, such as adjusting now-outdated comments and
    performing renamings. Such changes have been consolidated to this
    followup patch for easier review.

    The main change here is that we now reuse struct deferred_access_check
    as the element type of the vector TI_TYPEDEFS_NEEDING_ACCESS_CHECKING
    (now renamed to TI_DEFERRED_ACCESS_CHECKS, since it may contain any
    kind of access check).

    gcc/cp/ChangeLog:

    PR c++/41437
    PR c++/47346
    * cp-tree.h (qualified_typedef_usage_s): Delete.
    (qualified_typedef_usage_t): Delete.
    (deferred_access_check): Move up in file.
    (tree_template_info::typedefs_needing_access_checking): Delete.
    (tree_template_info::deferred_access_checks): New field.
    (TI_TYPEDEFS_NEEDING_ACCESS_CHECKING): Rename to ...
    (TI_DEFERRED_ACCESS_CHECKS): ... this, and adjust accordingly.
    * pt.c (perform_typedefs_access_check): Rename to ...
    (perform_instantiation_time_access_checks): ... this, and adjust
    accordingly. Remove unnecessary tree tests.
    (instantiate_class_template_1): Adjust accordingly.
    (instantiate_decl): Likewise.
    * semantics.c (enforce_access): Likewise.
Fixed for GCC 11.
*** Bug 80877 has been marked as a duplicate of this bug. ***
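
Added example (not part of the bug thread or of GCC's testsuite): a small shell check that feeds the four test cases posted in the comments above to a compiler and counts how many it wrongly accepts. The function names `access_case` and `count_accepted` are made up for this example, and it assumes the compiler under test accepts `-fsyntax-only`.

```shell
#!/bin/sh
# Each case names a private member type of another class from inside a
# template, so a compiler that enforces access here rejects all four.

# Print test case $1 (1-4) on stdout; the sources are the thread's snippets.
access_case() {
  case "$1" in
    1) echo 'class C { struct Private { }; };
template<typename T> struct exploit1 { typedef C::Private type; };
exploit1<int>::type x1;' ;;
    2) echo 'class C { struct Private { }; };
template<typename T> struct exploit2 : C::Private { };
exploit2<int> x2;' ;;
    3) echo 'class C { struct Private { }; };
template<typename T> struct exploit3 { template<class U = C::Private> struct E {}; };
void bar() { exploit3<int>::E<> e; }' ;;
    4) echo 'class B { struct C {}; };
template <class T> struct A { B::C c; };
A<int> a;' ;;
  esac
}

# count_accepted CXX: compile each case with "CXX -fsyntax-only" and print
# the number of cases that compiled. Per-case results go to stderr.
count_accepted() {
  cxx=$1 accepted=0
  dir=$(mktemp -d) || return 1
  for n in 1 2 3 4; do
    access_case "$n" > "$dir/case$n.cc"
    if "$cxx" -fsyntax-only "$dir/case$n.cc" >/dev/null 2>&1; then
      echo "case $n: accepted (access check missing)" >&2
      accepted=$((accepted + 1))
    else
      echo "case $n: rejected" >&2
    fi
  done
  rm -rf "$dir"
  echo "$accepted"
}

# When run as a script with a compiler name as argument, check that compiler.
if [ -n "${1:-}" ]; then count_accepted "$1"; fi
```

A printed count of 0 means every case was diagnosed; any other value means the compiler still lets a template name a private type it has no access to.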