Patchwork Fix buffer overflow in ipa_profile

login
register
mail settings
Submitter Jan Hubicka
Date Aug. 21, 2013, 2:30 p.m.
Message ID <20130821143034.GA24174@kam.mff.cuni.cz>
Download mbox | patch
Permalink /patch/268819/
State New
Headers show

Comments

Jan Hubicka - Aug. 21, 2013, 2:30 p.m.
Hi,
as Martin noticed, there is bug in ipa_profile that first allocate order array
and then introduce new local aliases before calling ipa_reverse_postorder.
Fixed thus and committed as obvious.

Honza

Patch

Index: ChangeLog
===================================================================
--- ChangeLog	(revision 201891)
+++ ChangeLog	(working copy)
@@ -1,3 +1,7 @@ 
+2013-08-20  Martin Liska  <marxin.liska@gmail.com>
+
+	* ipa.c (ipa_profile_read_summary): Fix buffer overflow.
+
 2013-08-20  Jan Hubicka  <jh@suse.cz>
 
 	PR bootstrap/58186
Index: ipa.c
===================================================================
--- ipa.c	(revision 201890)
+++ ipa.c	(working copy)
@@ -1397,7 +1397,7 @@  ipa_profile_read_summary (void)
 static unsigned int
 ipa_profile (void)
 {
-  struct cgraph_node **order = XCNEWVEC (struct cgraph_node *, cgraph_n_nodes);
+  struct cgraph_node **order;
   struct cgraph_edge *e;
   int order_pos;
   bool something_changed = false;
@@ -1575,6 +1575,7 @@  ipa_profile (void)
 	     nuseless, nuseless * 100.0 / nindirect,
 	     nconverted, nconverted * 100.0 / nindirect);
 
+  order = XCNEWVEC (struct cgraph_node *, cgraph_n_nodes);
   order_pos = ipa_reverse_postorder (order);
   for (i = order_pos - 1; i >= 0; i--)
     {