This is the mail archive of the
gcc-patches@gcc.gnu.org
mailing list for the GCC project.
PATCH: bug in gcc.c-torture/execute/960327-1.c: overwrites stack-frame.
- To: gcc-patches at gcc dot gnu dot org
- Subject: PATCH: bug in gcc.c-torture/execute/960327-1.c: overwrites stack-frame.
- From: Hans-Peter Nilsson <hans-peter dot nilsson at axis dot com>
- Date: Tue, 4 Apr 2000 17:48:13 +0200
The bug is that the sprintf "X" writing to s + 12 will
overwrite 'X' replacing the \0 that ends the string, but also
write a \0 at the location *after that* in the stack-frame. For
many targets there's pad or nothing of importance there. For
some targets this is the low byte of the return address.
Wheee... (imagine ejection seat activated indoors).
Although this change looks safe, I might be tampering with the original
purpose of the test. Is there anyone around that remembers this test and
can comment?
Ok to install?
Tue Apr 4 17:10:57 2000 Hans-Peter Nilsson <hp@axis.com>
* execute/960327-1.c (f): Add a letter to s[] to avoid stack-frame
overwrite.
Index: 960327-1.c
===================================================================
RCS file: /cvs/gcc/egcs/gcc/testsuite/gcc.c-torture/execute/960327-1.c,v
retrieving revision 1.2
diff -p -c -r1.2 960327-1.c
*** 960327-1.c 1998/12/16 22:14:06 1.2
--- 960327-1.c 2000/04/04 15:07:19
*************** g ()
*** 6,12 ****
f ()
{
! char s[] = "abcedfg01234";
char *sp = s + 12;
switch (g ())
--- 6,12 ----
f ()
{
! char s[] = "abcedfg012345";
char *sp = s + 12;
switch (g ())
brgds, H-P