cpp token_buffer not being NULL terminated causes fixproto bugs

Zack Weinberg zack@wolery.cumb.org
Fri Apr 28 14:56:00 GMT 2000


On Fri, Apr 28, 2000 at 04:47:47PM -0400, Kaveh R. Ghazi wrote:
> 
> My concern is that I didn't find all the places that make a NULL
> termination assumption...  Another set of eyeballs on the code would
> be good.
> 
> If you want a test input file, here's errno.h from sunos4.  When you
> recode using cpp_idcmp, make sure fix-header does not insert an extra
> "extern int errno;" into this file.

Thanks.

I couldn't find any places where you missed an assumed NUL-
termination.  Would you care to give this patch a whirl on sunos4?  It
works for me on your errno.h example.  As a fringe bonus, we no longer
mess up glibc's getopt.h.

zw

	* cpplex.c (cpp_idcmp): New function.
	* cpplib.h: Prototype it.
	* fix-header.c (read_scan_file): Use it to inspect token
	names.
	* scan-decls.c (scan_decls): Likewise.

	* fix-header.c: If we are scanning getopt.h, define
	__GNU_LIBRARY__.  Set system_header_p on the file being run
	through the preprocessor.
	* fixproto: Don't redefine __STDC__ to 0.
	
	* Makefile.in: Remove stale warning message.

===================================================================
Index: Makefile.in
--- Makefile.in	2000/04/28 06:18:14	1.428
+++ Makefile.in	2000/04/28 21:51:42
@@ -2296,7 +2296,6 @@ fixhdr.ready: fix-header
 # The if statement is so that we don't run fixproto a second time
 # if it has already been run on the files in `include'.
 stmp-fixproto: fixhdr.ready fixproto stmp-int-hdrs
-	@echo "Various warnings and error messages from fixproto are normal"
 	if [ -f include/fixed ] ; then true; \
 	else \
 	  : This line works around a 'make' bug in BSDI 1.1.; \
===================================================================
Index: cpplex.c
--- cpplex.c	2000/04/28 18:17:54	1.30
+++ cpplex.c	2000/04/28 21:51:43
@@ -2048,6 +2048,37 @@ _cpp_init_input_buffer (pfile)
   pfile->input_buffer_len = 8192;
 }
 
+/* Utility routine:
+   Compares, in the manner of strcmp(3), the token beginning at TOKEN
+   and extending for LEN characters to the NUL-terminated string
+   STRING.  Typical usage:
+
+   if (! cpp_idcmp (pfile->token_buffer + here, CPP_WRITTEN (pfile) - here,
+                 "inline"))
+     { ... }
+ */
+
+int
+cpp_idcmp (token, len, string)
+     const U_CHAR *token;
+     size_t len;
+     const char *string;
+{
+  size_t len2 = strlen (string);
+  int r;
+
+  if ((r = memcmp (token, string, MIN (len, len2))))
+    return r;
+
+  /* The longer of the two strings sorts after the shorter.  */
+  if (len == len2)
+    return 0;
+  else if (len < len2)
+    return -1;
+  else
+    return 1;
+}
+
 #if 0
 
 /* Lexing algorithm.
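Review bot: The header comment on cpp_idcmp never says that TOKEN need not be NUL-terminated, which is the reason the function exists, nor that LEN is trusted as given. Because the read is `memcmp (token, string, MIN (len, len2))`, at most strlen (STRING) bytes of TOKEN are examined. A caller that computes LEN as a difference, as the usage example does, and gets it wrong would pass a wrapped, very large size_t and compare bytes beyond what was written. I would add to the comment something like `TOKEN need not be NUL-terminated; the caller must ensure LEN does not exceed the bytes written at TOKEN.`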
===================================================================
Index: cpplib.h
--- cpplib.h	2000/04/27 05:49:33	1.86
+++ cpplib.h	2000/04/28 21:51:44
@@ -655,8 +655,8 @@ extern cpp_buffer *cpp_push_buffer	PARAM
 extern cpp_buffer *cpp_pop_buffer	PARAMS ((cpp_reader *));
 extern void cpp_scan_buffer		PARAMS ((cpp_reader *, cpp_printer *));
 extern void cpp_scan_buffer_nooutput	PARAMS ((cpp_reader *));
-
-
+extern int cpp_idcmp			PARAMS ((const unsigned char *,
+						 size_t, const char *));
 
 /* In cpphash.c */
 extern int cpp_defined			PARAMS ((cpp_reader *,
===================================================================
Index: fix-header.c
--- fix-header.c	2000/04/14 23:29:45	1.41
+++ fix-header.c	2000/04/28 21:51:44
@@ -135,7 +135,11 @@ enum special_file
 #ifdef sys_stat_h
 #undef sys_stat_h
 #endif
-  sys_stat_h
+  sys_stat_h,
+#ifdef getopt_h
+#undef getopt_h
+#endif
+  getopt_h
 };
 
 /* A NAMELIST is a sequence of names, separated by '\0', and terminated
@@ -637,6 +641,15 @@ read_scan_file (in_fname, argc, argv)
   if (! cpp_start_read (&scan_in, 0, in_fname))
     exit (FATAL_EXIT_CODE);
 
+  /* The getopt.h from glibc does not prototype getopt() unless
+     __GNU_LIBRARY__ is defined, and it does not include <features.h>
+     to get it defined.  You don't want to know why this is.  */
+  if (special_file_handling == getopt_h)
+    cpp_define (&scan_in, "__GNU_LIBRARY__");
+
+  /* We are scanning a system header, so mark it as such.  */
+  CPP_BUFFER (&scan_in)->system_header_p = 1;
+
   scan_decls (&scan_in, argc, argv);
   for (cur_symbols = &symbol_table[0]; cur_symbols->names; cur_symbols++)
     check_macro_names (&scan_in, cur_symbols->names);
@@ -663,6 +676,8 @@ read_scan_file (in_fname, argc, argv)
 	{
 	  enum cpp_ttype token = cpp_get_token (&scan_in);
 	  int length = CPP_WRITTEN (&scan_in) - old_written;
+	  unsigned char *id = scan_in.token_buffer + old_written;
+	  
 	  CPP_SET_WRITTEN (&scan_in, old_written);
 	  if (token == CPP_EOF) /* Should not happen ...  */
 	    break;
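Review bot: `length` stays an `int` here but the next hunk passes it as the `size_t` LEN argument of cpp_idcmp, so the conversion is implicit and a negative difference would become a very large length instead of being noticed. If `CPP_WRITTEN (&scan_in)` can never be below `old_written` at this point, a short comment saying so would do; otherwise guard it, e.g. `if (length < 0) break;` before the comparison. Other uses of `length` in read_scan_file lie outside the hunk, so check them before changing its type. The added blank line after the `id` declaration also carries trailing whitespace.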
@@ -671,8 +686,7 @@ read_scan_file (in_fname, argc, argv)
 	      cpp_pop_buffer (&scan_in);
 	      break;
 	    }
-	  if (token == CPP_NAME && length == 7
-	      && strcmp ("_filbuf", scan_in.token_buffer + old_written) == 0)
+	  if (token == CPP_NAME && cpp_idcmp (id, length, "_filbuf") == 0)
 	    seen_filbuf++;
 	}
       if (seen_filbuf)
@@ -690,7 +704,7 @@ read_scan_file (in_fname, argc, argv)
 		SET_REQUIRED (fn);
 	      if (need_flsbuf)
 		SET_REQUIRED (flsbuf_fn);
-	      if (need_flsbuf + need_filbuf == 2)
+	      if (need_flsbuf && need_filbuf)
 		new_list = "_filbuf\0_flsbuf\0";
 	      else if (need_flsbuf)
 		new_list = "_flsbuf\0";
@@ -1130,6 +1144,8 @@ main (argc, argv)
     special_file_handling = stdlib_h, required_other+=2;
   else if (strcmp (inc_filename, "stdio.h") == 0)
     special_file_handling = stdio_h;
+  else if (strcmp (inc_filename, "getopt.h") == 0)
+    special_file_handling = getopt_h;
   include_entry = std_include_table;
   while (include_entry->name != NULL
 	 && ((strcmp (include_entry->name, CONTINUED) == 0)
===================================================================
Index: fixproto
--- fixproto	2000/04/17 14:40:03	1.9
+++ fixproto	2000/04/28 21:51:45
@@ -58,7 +58,7 @@ dirname=`echo "$0" | sed 's,^[^/]*$,.,;s
 progname=`echo "$0" | sed 's,.*/,,'`
 original_dir=`pwd`
 FIX_HEADER=${FIX_HEADER-$original_dir/fix-header}
-DEFINES="-D__STDC__=0 -D__cplusplus ${FIXPROTO_DEFINES}"
+DEFINES="-D__cplusplus ${FIXPROTO_DEFINES}"
 
 if mkdir -p . 2> /dev/null; then
   # Great, mkdir accepts -p
===================================================================
Index: scan-decls.c
--- scan-decls.c	2000/04/20 19:33:11	1.16
+++ scan-decls.c	2000/04/28 21:51:45
@@ -191,9 +191,7 @@ scan_decls (pfile, argc, argv)
 	maybe_handle_comma:
 	  if (token != CPP_COMMA)
 	    goto new_statement;
-#if 0
-	handle_comma:
-#endif
+
 	  /* Handle multiple declarators in a single declaration,
 	     as in:  extern char *strcpy (), *strcat (), ... ; */
 	  if (declarator_start == 0)
@@ -202,12 +200,14 @@ scan_decls (pfile, argc, argv)
 	  break;
 	case CPP_NAME:
 	  /* "inline" and "extern" are recognized but skipped */
-	  if (strcmp (pfile->token_buffer, "inline") == 0)
+	  if (!cpp_idcmp (pfile->token_buffer,
+			  CPP_WRITTEN (pfile), "inline"))
 	    {
 	      saw_inline = 1;
 	      CPP_SET_WRITTEN (pfile, start_written);
 	    }
-	  if (strcmp (pfile->token_buffer, "extern") == 0)
+	  else if (!cpp_idcmp (pfile->token_buffer,
+			       CPP_WRITTEN (pfile), "extern"))
 	    {
 	      saw_extern = 1;
 	      CPP_SET_WRITTEN (pfile, start_written);
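Review bot: Both new cpp_idcmp calls compare from `pfile->token_buffer` over the whole of `CPP_WRITTEN (pfile)` rather than from the start of the current token, so "inline" and "extern" can only match when that name is the only text in the buffer. The usage example in cpp_idcmp's own comment passes `token_buffer + here` and `CPP_WRITTEN (pfile) - here`. If `start_written` marks where this token begins (its assignment is outside the hunk, so this is an inference), the call would read `cpp_idcmp (pfile->token_buffer + start_written, CPP_WRITTEN (pfile) - start_written, "inline")`. The removed strcmp started at the same place, so this may be intended; in that case a comment stating that the buffer holds exactly one token here would help the next reader. scan_decls begins and ends outside the hunk.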

