This is the mail archive of the gcc-patches@gcc.gnu.org mailing list for the GCC project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]

PATCH: bug in gcc.c-torture/execute/960327-1.c: overwrites stack-frame.


The bug is that the sprintf "X" writing to s + 12 will
overwrite 'X' replacing the \0 that ends the string, but also
write a \0 at the location *after that* in the stack-frame.  For
many targets there's pad or nothing of importance there.  For
some targets this is the low byte of the return address.
Wheee... (imagine ejection seat activated indoors).

Although this change looks safe, I might be tampering with the original
purpose of the test.  Is there anyone around that remembers this test and
can comment?

Ok to install?

Tue Apr  4 17:10:57 2000  Hans-Peter Nilsson  <hp@axis.com>

	* execute/960327-1.c (f): Add a letter to s[] to avoid stack-frame
	overwrite.

Index: 960327-1.c
===================================================================
RCS file: /cvs/gcc/egcs/gcc/testsuite/gcc.c-torture/execute/960327-1.c,v
retrieving revision 1.2
diff -p -c -r1.2 960327-1.c
*** 960327-1.c	1998/12/16 22:14:06	1.2
--- 960327-1.c	2000/04/04 15:07:19
*************** g ()
*** 6,12 ****
  
  f ()
  {
!   char s[] = "abcedfg01234";
    char *sp = s + 12;
  
    switch (g ())
--- 6,12 ----
  
  f ()
  {
!   char s[] = "abcedfg012345";
    char *sp = s + 12;
  
    switch (g ())

brgds, H-P

Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]