[PATCH] d: fix ASAN in option processing
Martin Liška
mliska@suse.cz
Thu Nov 25 13:59:40 GMT 2021
Fixes:
==129444==ERROR: AddressSanitizer: global-buffer-overflow on address 0x00000666ca5c at pc 0x000000ef094b bp 0x7fffffff8180 sp 0x7fffffff8178
READ of size 4 at 0x00000666ca5c thread T0
#0 0xef094a in parse_optimize_options ../../gcc/d/d-attribs.cc:855
#1 0xef0d36 in d_handle_optimize_attribute ../../gcc/d/d-attribs.cc:916
#2 0xef107e in d_handle_optimize_attribute ../../gcc/d/d-attribs.cc:887
#3 0xff85b1 in decl_attributes(tree_node**, tree_node*, int, tree_node*) ../../gcc/attribs.c:829
#4 0xef2a91 in apply_user_attributes(Dsymbol*, tree_node*) ../../gcc/d/d-attribs.cc:427
#5 0xf7b7f3 in get_symbol_decl(Declaration*) ../../gcc/d/decl.cc:1346
#6 0xf87bc7 in get_symbol_decl(Declaration*) ../../gcc/d/decl.cc:967
#7 0xf87bc7 in DeclVisitor::visit(FuncDeclaration*) ../../gcc/d/decl.cc:808
#8 0xf83db5 in DeclVisitor::build_dsymbol(Dsymbol*) ../../gcc/d/decl.cc:146
for the following test-case: gcc/testsuite/gdc.dg/attr_optimize1.d.
Ready for master?
Thanks,
Martin
gcc/d/ChangeLog:
* d-attribs.cc (parse_optimize_options): Check index before
accessing cl_options.
---
gcc/d/d-attribs.cc | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/gcc/d/d-attribs.cc b/gcc/d/d-attribs.cc
index d81b7d122f7..1ec800526f7 100644
--- a/gcc/d/d-attribs.cc
+++ b/gcc/d/d-attribs.cc
@@ -852,7 +852,9 @@ parse_optimize_options (tree args)
unsigned j = 1;
for (unsigned i = 1; i < decoded_options_count; ++i)
{
- if (! (cl_options[decoded_options[i].opt_index].flags & CL_OPTIMIZATION))
+ unsigned opt_index = decoded_options[i].opt_index;
+ if (opt_index >= cl_options_count
+ && ! (cl_options[opt_index].flags & CL_OPTIMIZATION))
{
ret = false;
warning (OPT_Wattributes,
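Review bot: the new condition in the added lines joins the bounds check and the flags test with &&, so cl_options[opt_index] is read only when opt_index >= cl_options_count. That is exactly the out-of-range case the ChangeLog says should be checked before accessing cl_options. For an in-range opt_index the left operand is false, the flags test is skipped, and an option without CL_OPTIMIZATION no longer reaches the ret = false / warning branch. The two tests should be joined with || instead: if (opt_index >= cl_options_count || ! (cl_options[opt_index].flags & CL_OPTIMIZATION)). With that form an out-of-range index is rejected without indexing the array, and in-range options keep the pre-patch behaviour.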
--
2.34.0