This is the mail archive of the gcc-patches@gcc.gnu.org mailing list for the GCC project.
Fix buffer overflow in ipa_profile
- From: Jan Hubicka <hubicka at ucw dot cz>
- To: gcc-patches at gcc dot gnu dot org
- Date: Wed, 21 Aug 2013 16:30:40 +0200
- Subject: Fix buffer overflow in ipa_profile
Hi,
as Martin noticed, there is a bug in ipa_profile that first allocates the order array
and then introduces new local aliases before calling ipa_reverse_postorder.
Fixed thus and committed as obvious.
Honza
Index: ChangeLog
===================================================================
--- ChangeLog (revision 201891)
+++ ChangeLog (working copy)
@@ -1,3 +1,7 @@
+2013-08-20 Martin Liska <marxin.liska@gmail.com>
+
+ * ipa.c (ipa_profile_read_summary): Fix buffer overflow.
+
2013-08-20 Jan Hubicka <jh@suse.cz>
PR bootstrap/58186
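Review bot: The ChangeLog entry names ipa_profile_read_summary, but the ipa.c hunks change the body of ipa_profile; ipa_profile_read_summary only shows up as the @@ context of the first ipa.c hunk. The entry should read "* ipa.c (ipa_profile): Fix buffer overflow." so the log points at the function that was actually edited.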
Index: ipa.c
===================================================================
--- ipa.c (revision 201890)
+++ ipa.c (working copy)
@@ -1397,7 +1397,7 @@ ipa_profile_read_summary (void)
static unsigned int
ipa_profile (void)
{
- struct cgraph_node **order = XCNEWVEC (struct cgraph_node *, cgraph_n_nodes);
+ struct cgraph_node **order;
struct cgraph_edge *e;
int order_pos;
bool something_changed = false;
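Review bot: In the declaration block of ipa_profile, order is now left uninitialized and is first assigned in the hunk at line 1575, well over a hundred lines later. Consider either initializing it to NULL at the declaration or moving the declaration down to the allocation, so that an accidental use or free in between fails visibly instead of reading an indeterminate pointer.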
@@ -1575,6 +1575,7 @@ ipa_profile (void)
nuseless, nuseless * 100.0 / nindirect,
nconverted, nconverted * 100.0 / nindirect);
+ order = XCNEWVEC (struct cgraph_node *, cgraph_n_nodes);
order_pos = ipa_reverse_postorder (order);
for (i = order_pos - 1; i >= 0; i--)
{
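Review bot: The allocation added just before ipa_reverse_postorder still sizes the array from cgraph_n_nodes, and nothing in the code says why it has to sit at this point. Its position relative to the alias creation described in the mail is the whole fix, so a one-line comment above the XCNEWVEC (for example, that order must be allocated only after all new nodes have been created) would keep a later cleanup from hoisting it back to the declaration.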