[PATCH] Fix gimple-ssa-sprintf.c caret related ICE (PR c/83448)

Jeff Law law@redhat.com
Thu Dec 21 23:05:00 GMT 2017


On 12/21/2017 01:29 PM, Jakub Jelinek wrote:
> Hi!
> 
> If copying a substring without %s from the format string into the
> destination does or might overflow, we try to point the caret at the
> character in the format string that will cause the overflow.
> In the first spot in maybe_warn this is only done if avail_range.min ==
> avail_range.max and thus if we emit the warning later, the caret will
> point into that substring of the format string (I've changed this hunk
> anyway, so that we don't call set_caret_index with invalid offset in case we
> won't do any diagnostics), but in the latter case we do it even if
> avail_range.min != avail_range.max and want to put the caret on the maximum
> because that will surely overflow (while the characters before might or
> might not).  But especially in that case, we can set the caret even to
> completely bogus spots and even overflow, set_caret_index expects an int
> while navail, upper bound of a range, is UHWI and could be extremely large
> in some cases.  Fixed by making sure to set the caret only if it falls
> within the substring of the format string (not even pointing it to following
> %whatever if any etc.).
> 
> The added testcases add several caret position checks.
> 
> Bootstrapped/regtested on x86_64-linux and i686-linux, ok for trunk?
> 
> 2017-12-21  Jakub Jelinek  <jakub@redhat.com>
> 
> 	PR c/83448
> 	* gimple-ssa-sprintf.c (maybe_warn): Don't call set_caret_index
> 	if navail is >= dir.len.
> 
> 	* gcc.c-torture/compile/pr83448.c: New test.
> 	* gcc.dg/tree-ssa/builtin-snprintf-warn-4.c: New test.
OK.
jeff
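To illustrate the defect class the mail describes (an unsigned HOST_WIDE_INT range bound narrowed to the `int` that set_caret_index takes, with no check that it lies inside the directive's substring), here is an added, self-contained C example; it is not GCC's code, and the `directive` struct, the two `caret_index_*` helpers and the sample format string are hypothetical stand-ins:

```c
#include <stddef.h>
#include <stdio.h>

/* Hypothetical stand-in for the directive record: the substring of the
   format string being copied and its length (the mail's dir.len).  */
struct directive {
  const char *beg;   /* start of the substring within the format string */
  size_t len;        /* number of characters in the substring */
};

/* Pre-fix behaviour as described: the available-bytes bound (a value as
   wide as unsigned HOST_WIDE_INT) is narrowed to int with no range check,
   so a large bound yields a bogus caret offset.  */
int caret_index_unchecked (unsigned long long navail)
{
  return (int) navail;
}

/* Post-fix behaviour as described: point the caret at the overflowing
   character only when that character lies inside the substring.
   Returns -1 to mean "no caret"; the caller must then skip
   set_caret_index entirely rather than pass -1 as an offset.  */
int caret_index_checked (unsigned long long navail, const struct directive *dir)
{
  if (navail >= dir->len)
    return -1;
  return (int) navail;
}

int main (void)
{
  /* Constructed input: a 10-character plain substring followed by %s.  */
  const char *fmt = "0123456789%s";
  struct directive dir = { fmt, 10 };

  /* 4 bytes available: offset 4 is the first character that overflows.  */
  printf ("%d\n", caret_index_checked (4, &dir));                 /* 4 */
  /* Bound equal to or beyond the substring length: no caret.  */
  printf ("%d\n", caret_index_checked (10, &dir));                /* -1 */
  printf ("%d\n", caret_index_checked ((1ULL << 32) + 7, &dir));  /* -1 */
  /* Same huge bound through the unchecked path: narrowing is
     implementation-defined; GCC wraps modulo 2^32, so this prints 7,
     an offset unrelated to where the overflow actually happens.  */
  printf ("%d\n", caret_index_unchecked ((1ULL << 32) + 7));
  return 0;
}
```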