[PATCH 2/5] C front end support to detect out-of-bounds accesses to array parameters
Fri Aug 21 19:17:38 GMT 2020
On 8/19/20 6:09 PM, Joseph Myers wrote:
> On Wed, 19 Aug 2020, Martin Sebor via Gcc-patches wrote:
>>> I think you need a while loop there, not just an if, to account for the
>>> case of multiple consecutive cdk_attrs. At least the GNU attribute syntax
>>> ( gnu-attributes[opt] declarator )
>>> should produce multiple consecutive cdk_attrs for each level of
>>> parentheses with attributes inside.
>> I had considered a loop but couldn't find a way to trigger what you
>> describe (or a test in the testsuite that would do it) so I didn't
>> use one. I saw loops like that in other places but I couldn't get
>> even those to uncover such a test case. Here's what I tried:
>> #define A(N) __attribute__ ((aligned (N), may_alias))
>> int n;
>> void f (int (* A (2) A (4) (* A (2) A (4) (* A (2) A (4) [n])[n])));
>> Sequences of consecutive attributes are all chained together.
>> I've added the loop here but I have no test for it. It would be
>> good to add one if it really is needed.
> The sort of thing I'm thinking of would be, where A is some attribute:
> void f (int (A (A (A arg))));
> (that example doesn't involve an array, but it illustrates the syntax I'd
> expect to produce multiple consecutive cdk_attrs).
Yes, that does it, thanks. But as a result of the test:
if (pd->kind != cdk_array)
I don't see how to write a declaration where the if rather than
a loop would cause trouble. If next->kind == cdk_attrs after
the test in the if statement (i.e., before I replaced it with
the while loop), the test above would be true and the for loop
would continue. The next test for next->kind would then skip
over the attrs.
Let me know if I'm missing something. Otherwise I'll just leave
the loop there with no test.
More information about the Gcc-patches