This is the mail archive of the gcc-bugs@gcc.gnu.org mailing list for the GCC project.
[Bug c/68065] Size calculations for VLAs can overflow
- From: "joseph at codesourcery dot com" <gcc-bugzilla at gcc dot gnu dot org>
- To: gcc-bugs at gcc dot gnu dot org
- Date: Tue, 27 Oct 2015 00:15:17 +0000
- Subject: [Bug c/68065] Size calculations for VLAs can overflow
- Auto-submitted: auto-generated
- References: <bug-68065-4 at http dot gcc dot gnu dot org/bugzilla/>
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=68065
--- Comment #6 from joseph at codesourcery dot com <joseph at codesourcery dot com> ---
On Tue, 27 Oct 2015, ch3root at openwall dot com wrote:
> > VLA size overflow, however, is undefined behavior at runtime, not compile
> > time, hence a matter for ubsan.
>
> VLA size overflow is very similar to overflow in "new". Shouldn't it be
> handled in a similar way?
I'm thinking of it as essentially like stack overflow, where it's
traditionally been the user's job to bound their stack allocations. I
think ubsan should enable all of (VLA size overflow checks, stack checking
for fixed-size allocations to ensure the amount of stack space allocated
in one go is small enough that overflow is guaranteed to be detected,
similar checks for variable size allocations whether from VLAs or alloca).
Of course separate options for various cases may make sense as well.
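An added example, not from the bug report or from GCC's own code, of the user-side bounding of a VLA that the comment above describes: the element count is checked for multiplication wraparound and against an assumed stack budget before the VLA is declared. `VLA_STACK_BUDGET`, `vla_bytes_ok` and `sum_via_vla` are hypothetical names; `__builtin_mul_overflow` is the GCC/clang builtin.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdbool.h>
#include <string.h>

/* Assumed per-allocation stack budget (constructed value, not from the report). */
#define VLA_STACK_BUDGET ((size_t)64 * 1024)

/* Compute n * elem into *out. Returns false if the multiplication wraps
   (the overflow the bug report is about) or the result exceeds the budget. */
bool vla_bytes_ok(size_t n, size_t elem, size_t *out)
{
    size_t total;
    if (__builtin_mul_overflow(n, elem, &total))
        return false;               /* n * elem does not fit in size_t */
    if (total > VLA_STACK_BUDGET)
        return false;               /* would not fit the assumed stack budget */
    *out = total;
    return true;
}

/* Sum n ints through a VLA scratch buffer. Returns -1 when the size check
   fails, so the VLA is never declared with an overflowed or oversized bound. */
long sum_via_vla(const int *src, size_t n)
{
    size_t bytes;
    if (!vla_bytes_ok(n, sizeof(int), &bytes))
        return -1;
    int buf[n];                     /* VLA declared only after the check */
    memcpy(buf, src, bytes);
    long s = 0;
    for (size_t i = 0; i < n; i++)
        s += buf[i];
    return s;
}
```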