This is the mail archive of the
mailing list for the GCC project.
Re: Fix for PR70909 in Libiberty Demangler (4)
- From: Pedro Alves <palves at redhat dot com>
- To: Marcel BÃhme <boehme dot marcel at gmail dot com>, Jason Merrill <jason at redhat dot com>
- Cc: gcc-patches List <gcc-patches at gcc dot gnu dot org>, Bernd Schmidt <bschmidt at redhat dot com>
- Date: Wed, 29 Jun 2016 17:09:15 +0100
- Subject: Re: Fix for PR70909 in Libiberty Demangler (4)
- Authentication-results: sourceware.org; auth=none
- References: <898C33FE-A3F5-4B1D-A4C7-6DBB45722B2F at gmail dot com> <CADzB+2mF0oXwXWwx+WqQ43-NsOS6vhOdkR1R66Obu-8kibfwvQ at mail dot gmail dot com> <0B429217-2A50-4AC8-BC28-E87B1A3003C5 at gmail dot com>
On 06/29/2016 08:43 AM, Marcel BÃhme wrote:
> Hi Jason,
> These test cases are generated by fuzzing which produces a lot of nonsensical input data.
> I think, "Garbage In, Garbage Out" is quite applicable here.
> With the patch at least it doesnât crash and fixes the vulnerability.
Note that demangling shows up high in gdb profiles when loading
huge programs. If we can avoid quadratic or worse complexity,