Re: [PATCH] assume sprintf formatting of wide characters may fail (PR 86853)

[Jeff Law <law at redhat dot com>]

On 08/04/2018 12:46 PM, Martin Sebor wrote:
> The sprintf handling of wide characters neglects to consider
> that calling the function may fail due to a conversion error
> (when the wide character is invalid or not representable in
> the current locale).  The handling also misinterprets
> the POSIX %S wide string directive as a plain narrow %s and
> doesn't include %C (the POSIX equivalent of %lc).  The attached
> patch corrects these oversights by extending the data structures
> to indicate when a directive may fail, and extending the UNDER4K
> member of the format_result structure to also encode calls with
> such directives.
> 
> Tested on x86_64-linux.
> 
> Besides the trunk, since this bug can affect code correctness
> I'd like to backport this patch to both release branches (7
> and 8).
> 
> Martin
> 
> gcc-86853.diff
> 
> 
> PR tree-optimization/86853 - sprintf optimization for wide strings doesn't account for conversion failure
> 
> gcc/ChangeLog:
> 
> 	PR tree-optimization/86853
> 	* gimple-ssa-sprintf.c (struct format_result): Rename member.
> 	(struct fmtresult): Add member and initialize it in ctors.
> 	(format_character): Handle %C.  Extend range to NUL.  Set MAYFAIL.
> 	(format_string): Handle %S the same as %ls.  Set MAYFAIL.
> 	(format_directive): Set POSUNDER4K when MAYFAIL is set.
> 	(parse_directive): Handle %C same as %c.
> 	(sprintf_dom_walker::compute_format_length): Adjust.
> 	(is_call_safe): Adjust.
> 
> gcc/testsuite/ChangeLog:
> 
> 	PR tree-optimization/86853
> 	* gcc.dg/tree-ssa/builtin-sprintf-10.c: New test.
> 	* gcc.dg/tree-ssa/builtin-sprintf-11.c: New test.
> 	* gcc.dg/tree-ssa/builtin-sprintf-warn-18.c: Adjust.
I fixed two "empty" mis-spellings in gimple-ssa-sprintf.c and installed
this patch.

Let's give it a few days of soak time, then backporting is fine.

Jeff