[PATCH] set range for strlen(array) to avoid spurious -Wstringop-overflow (PR 83373, PR 78450)

Martin Sebor msebor@gmail.com
Mon Dec 18 22:53:00 GMT 2017


On 12/14/2017 12:04 PM, Jeff Law wrote:
> On 12/14/2017 11:55 AM, Jakub Jelinek wrote:
>> On Thu, Dec 14, 2017 at 11:51:26AM -0700, Martin Sebor wrote:
>>>> Well, it would be nice to get sanitizers diagnose this at runtime.  If we
>>>> know the array length at compile time, simply compare after the strlen
>>>> call the result and fail if it returns something above it.  Or replace
>>>> the strlen call with strnlen for the compile time known size and add
>>>> instrumentation if strnlen returns the second argument.
>>>
>>> Sure, that sounds like a useful enhancement.  I'll look into
>>> adding it as a follow-on patch unless you feel that it needs
>>> to be part of the same package.
>>
>> The problem is if we'll need changes to libubsan for that (which we'll
>> likely do), then those need to be upstreamed, and e.g. my attempts
>> to upstream a simple patch to diagnose noreturn function returns is suspended
>> upstream because clang doesn't have that support (and I have no interest
>> in adding it to clang).
>>
>> In theory we could have some GCC only file in there, but then we'd be ABI
>> incompatible with them.
> So defer the sanitization side until Clang catches up?

I've committed the patch as is in r255790.  If I have some spare
cycles I'll see if the instrumentation is possible without changing
libubsan.

Martin
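The runtime check Jakub sketches above (bound the strlen call by the compile-time array size and diagnose when the bound is hit) can be written out in plain C. This is an added example, not code from the patch, from GCC or from libubsan: the names strlen_checked and STRLEN_CHECKED are hypothetical stand-ins for what instrumentation would emit, memchr stands in for strnlen so that it builds as ISO C, and the sample arrays are constructed for the demonstration.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Outcome of the hypothetical instrumentation: the length found, plus a
   flag set when no NUL exists within the array, i.e. when an uninstrumented
   strlen would have read past the end of the object. */
typedef struct {
    size_t len;
    int unterminated;
} checked_len;

/* Bounded scan: equivalent to strnlen(s, bound) followed by the check
   "did strnlen return its second argument?" from the thread. memchr is
   used instead of strnlen so the example is ISO C, not POSIX. */
static checked_len strlen_checked(const char *s, size_t bound)
{
    checked_len r = { 0, 0 };
    const char *nul = memchr(s, '\0', bound);
    if (nul == NULL) {
        r.len = bound;        /* what strnlen would return */
        r.unterminated = 1;   /* the sanitizer would report here */
    } else {
        r.len = (size_t)(nul - s);
    }
    return r;
}

/* Only valid for true arrays: sizeof(arr) is the compile-time object size
   the thread refers to. Passing a pointer here would bound by sizeof(char *),
   which is the classic mistake this pattern must avoid. */
#define STRLEN_CHECKED(arr) strlen_checked((arr), sizeof(arr))

/* Constructed samples. The first has room for its terminator; the second
   initializer exactly fills the array, so it has no NUL at all (valid C,
   but strlen on it is undefined behaviour). */
static const char terminated[8]   = "abc";
static const char unterminated[4] = "abcd";

/* Length of the terminated sample; (size_t)-1 if it were wrongly flagged. */
static size_t demo_terminated_len(void)
{
    checked_len r = STRLEN_CHECKED(terminated);
    return r.unterminated ? (size_t)-1 : r.len;   /* 3 */
}

/* Nonzero when the unterminated sample is correctly flagged. */
static int demo_unterminated_flagged(void)
{
    checked_len r = STRLEN_CHECKED(unterminated);
    return r.unterminated && r.len == sizeof(unterminated);   /* 1 */
}

int main(void)
{
    printf("terminated:   len=%zu\n", demo_terminated_len());
    printf("unterminated: flagged=%d (scan stopped at bound %zu)\n",
           demo_unterminated_flagged(), sizeof(unterminated));
    return 0;
}
```

The diagnostic condition is exactly the one proposed in the thread: the bounded scan returning its bound means the array holds no terminator, which is the case the -Wstringop-overflow range fix in the patch treats as impossible at compile time and which only a runtime check can catch.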
