[Bug driver/107007] libiberty's win32_spawn error handling is poor

costas.argyris at gmail dot com gcc-bugzilla@gcc.gnu.org
Mon Oct 24 15:22:18 GMT 2022


https://gcc.gnu.org/bugzilla/show_bug.cgi?id=107007

Costas Argyris <costas.argyris at gmail dot com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |costas.argyris at gmail dot com

--- Comment #1 from Costas Argyris <costas.argyris at gmail dot com> ---
A potential improvement in the win32_spawn function could be to check the
length of cmdline

https://github.com/gcc-mirror/gcc/blob/master/libiberty/pex-win32.c#L625

before passing it to CreateProcess

https://github.com/gcc-mirror/gcc/blob/master/libiberty/pex-win32.c#L630

because we know from

https://learn.microsoft.com/en-us/windows/win32/api/processthreadsapi/nf-processthreadsapi-createprocessa#parameters

that the second argument cannot be more than 32,767 characters.

So if we can check that before even making the call to CreateProcess, why
bother doing a call that we know will fail?

Perhaps the check could be done inside the argv_to_cmdline function itself.
This function mentions the 32k limit in its comments

https://github.com/gcc-mirror/gcc/blob/master/libiberty/pex-win32.c#L350

but doesn't actually consider it in the code. Looks like the length has been
decided by the time we reach

https://github.com/gcc-mirror/gcc/blob/master/libiberty/pex-win32.c#L385

in the cmdline_len variable, so it should be just a simple numerical check that
this value is less than or equal to 32,767 before doing the memory allocation.
If greater, it could just return NULL without allocating any memory and the
(single) caller at

https://github.com/gcc-mirror/gcc/blob/master/libiberty/pex-win32.c#L625

already deals with NULL.
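
The length check proposed in the comment above, as an added example that is neither libiberty's code nor part of the original comment. build_cmdline and quote_arg are hypothetical names; the quoting is simplified (every argument is quoted), and the sketch assumes the 32,767 limit counts the terminating NUL.

```c
#include <stdlib.h>
#include <string.h>

/* CreateProcess command-line limit; this sketch counts the NUL toward it. */
#define WIN32_CMDLINE_MAX 32767

/* Quote one argument so the MSVC runtime parses it back unchanged.
   With out == NULL only the length is counted. Returns chars emitted. */
static size_t quote_arg(const char *arg, char *out)
{
    size_t n = 0, bs = 0;   /* bs: run of backslashes just emitted */
#define PUT(c) do { if (out) out[n] = (c); n++; } while (0)
    PUT('"');
    for (const char *p = arg; *p; p++) {
        if (*p == '\\') { bs++; PUT('\\'); continue; }
        if (*p == '"') {                 /* double the run, then escape the quote */
            for (; bs; bs--) PUT('\\');
            PUT('\\');
        }
        bs = 0;
        PUT(*p);
    }
    for (; bs; bs--) PUT('\\');          /* keep the closing quote unescaped */
    PUT('"');
#undef PUT
    return n;
}

/* Hypothetical stand-in for argv_to_cmdline: returns NULL, with nothing
   allocated, when the result would be too long for CreateProcess. */
char *build_cmdline(char *const *argv)
{
    size_t len = 0;
    for (size_t i = 0; argv[i]; i++) {
        len += quote_arg(argv[i], NULL) + 1;   /* +1: space or final NUL */
        if (len > WIN32_CMDLINE_MAX)
            return NULL;                       /* reject before malloc */
    }
    char *cmdline = malloc(len ? len : 1), *p = cmdline;
    if (!cmdline)
        return NULL;
    for (size_t i = 0; argv[i]; i++) {
        p += quote_arg(argv[i], p);
        *p++ = ' ';
    }
    if (p > cmdline)
        p--;                                   /* last space becomes the NUL */
    *p = '\0';
    return cmdline;
}
```

Checking inside the counting loop also keeps len from growing without bound, so an oversized argv is rejected as soon as the running total passes the limit.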

