[PATCH] warn for integer overflow in allocation calls (PR 96838)

Bernhard Reutner-Fischer rep.dot.nop@gmail.com
Wed Sep 16 09:39:34 GMT 2020


On 15 September 2020 21:47:46 CEST, Martin Sebor via Gcc-patches <gcc-patches@gcc.gnu.org> wrote:
>Overflowing the size of a dynamic allocation (e.g., malloc or VLA)
>can lead to a subsequent buffer overflow corrupting the heap or
>stack.  The attached patch diagnoses a subset of these cases where
>the overflow/wraparound is still detectable.
>
>Besides regtesting GCC on x86_64-linux I also verified the warning
>doesn't introduce any false positives into Glibc or Binutils/GDB
>builds on the same target.

+/* Try to evaluate the artithmetic EXPresssion representing the size of
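Review bot: the added comment line misspells "arithmetic" as "artithmetic", in addition to the "EXPresssion" wording. Suggest fixing both in one pass so the comment opens "Try to evaluate the arithmetic expression EXP representing the size of".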

s/EXPresssion/expression EXP/

You had a bit more s than strictly necessary..
thanks,

>
>Martin
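An added illustration, not code from the patch or from GCC: the size wraparound the quoted description refers to, next to an allocation wrapper that rejects it. The function names are hypothetical.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Unchecked form: the product is computed in size_t and wraps silently,
   so the byte count handed to malloc can be far smaller than intended. */
size_t unchecked_alloc_size(size_t count, size_t elem_size)
{
    return count * elem_size;
}

/* Checked form: stores the product in *out and returns 0, or returns -1
   when count * elem_size does not fit in size_t. */
int checked_alloc_size(size_t count, size_t elem_size, size_t *out)
{
    if (elem_size != 0 && count > SIZE_MAX / elem_size)
        return -1;
    *out = count * elem_size;
    return 0;
}

/* Hypothetical wrapper: allocate count elements, or return NULL when the
   requested size would wrap instead of returning a short buffer. */
void *alloc_array(size_t count, size_t elem_size)
{
    size_t bytes;
    if (checked_alloc_size(count, elem_size, &bytes) != 0)
        return NULL;
    return malloc(bytes);
}

int main(void)
{
    /* Constructed input: an element count just large enough to wrap. */
    size_t count = SIZE_MAX / 4 + 2;
    size_t bytes = 0;

    printf("unchecked size: %zu bytes for %zu elements\n",
           unchecked_alloc_size(count, 4), count);
    printf("checked size:   %s\n",
           checked_alloc_size(count, 4, &bytes) ? "rejected" : "accepted");

    void *p = alloc_array(16, 4);   /* ordinary request still succeeds */
    printf("alloc_array(16, 4): %s\n", p ? "ok" : "failed");
    free(p);
    return 0;
}
```

A caller that writes `count` elements into the unchecked buffer runs past its end, which is the subsequent heap overflow the description mentions.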


