[Bug driver/107007] libiberty's win32_spawn error handling is poor
costas.argyris at gmail dot com
gcc-bugzilla@gcc.gnu.org
Mon Oct 24 15:22:18 GMT 2022
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=107007
Costas Argyris <costas.argyris at gmail dot com> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |costas.argyris at gmail dot com
--- Comment #1 from Costas Argyris <costas.argyris at gmail dot com> ---
A potential improvement in the win32_spawn function could be to check the
length of cmdline
https://github.com/gcc-mirror/gcc/blob/master/libiberty/pex-win32.c#L625
before passing it to CreateProcess
https://github.com/gcc-mirror/gcc/blob/master/libiberty/pex-win32.c#L630
because we know from
https://learn.microsoft.com/en-us/windows/win32/api/processthreadsapi/nf-processthreadsapi-createprocessa#parameters
that the second argument cannot be more than 32,767 characters.
So if we can check that before even making the call to CreateProcess, why
bother doing a call that we know will fail?
Perhaps the check could be done inside the argv_to_cmdline function itself.
This function mentions the 32k limit in its comments
https://github.com/gcc-mirror/gcc/blob/master/libiberty/pex-win32.c#L350
but doesn't actually consider it in the code. Looks like the length has been
decided by the time we reach
https://github.com/gcc-mirror/gcc/blob/master/libiberty/pex-win32.c#L385
in the cmdline_len variable, so it should be just a simple numerical check that
this value is less than or equal to 32,767 before doing the memory allocation.
If greater, it could just return NULL without allocating any memory and the
(single) caller at
https://github.com/gcc-mirror/gcc/blob/master/libiberty/pex-win32.c#L625
already deals with NULL.
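The check proposed in this comment, written out as an added example; it is not libiberty's code and not part of the original message. The names `emit_arg`, `build_cmdline_checked` and `CMDLINE_MAX` are hypothetical, plain `malloc` stands in for the project's allocator, and the limit is taken as counting the terminating NUL, as the CreateProcess documentation states.

```c
#include <stdlib.h>
#include <string.h>

/* CreateProcess limit: 32,767 characters including the terminating NUL.  */
#define CMDLINE_MAX 32767
#define PUT(c) do { if (out) out[n] = (c); n++; } while (0)

/* Hypothetical helper: quote ARG into OUT, or only count when OUT is NULL.  */
static size_t emit_arg (const char *arg, char *out)
{
  size_t n = 0, bs = 0, i;
  int quote = *arg == '\0' || strpbrk (arg, " \t\"") != NULL;

  if (quote)
    PUT ('"');
  for (i = 0; arg[i]; i++)
    {
      if (arg[i] == '"')        /* double preceding backslashes, escape quote */
        for (bs++; bs; bs--)
          PUT ('\\');
      bs = arg[i] == '\\' ? bs + 1 : 0;
      PUT (arg[i]);
    }
  for (; quote && bs; bs--)     /* backslashes before the closing quote */
    PUT ('\\');
  if (quote)
    PUT ('"');
  return n;
}

/* Hypothetical: returns a malloc'd command line, or NULL without allocating
   when ARGV is empty or the result would exceed CMDLINE_MAX.  */
char *build_cmdline_checked (char *const *argv)
{
  size_t len = 0, i;
  char *cmdline, *p;

  for (i = 0; argv[i]; i++)     /* +1: separator, or NUL after the last */
    len += emit_arg (argv[i], NULL) + 1;
  if (len == 0 || len > CMDLINE_MAX)
    return NULL;                /* fail before any allocation or spawn */
  p = cmdline = malloc (len);
  if (cmdline == NULL)
    return NULL;
  for (i = 0; argv[i]; i++, *p++ = ' ')
    p += emit_arg (argv[i], p);
  p[-1] = '\0';                 /* last separator slot holds the NUL */
  return cmdline;
}
```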