Proposed Patch for Bug 69687

Message ID	49B60A75-7FA7-4202-8D10-EEB8674A5560@gmail.com
State	New
Headers	show Return-Path: <gcc-patches-return-424231-incoming=patchwork.ozlabs.org@gcc.gnu.org> DomainKey-Signature: a=rsa-sha1; c=nofws; d=gcc.gnu.org; h=list-id :list-unsubscribe:list-archive:list-post:list-help:sender :content-type:mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; q=dns; s= default; b=ZbzJ2eo5OaQe+nU1Ns3h7Z94fbonHny+3rt2tGC6uJsslvN+80DqJ AHSad13GiAXSmQ0fHje+vqey47aGp6ftk2TpAGbixa7Ilopg/ZV5ayXlrkWtRC0Q lnGdxWarC+Sq9MkuD4K62xFDo4DpWN/u18Fb+oWbrwKISEwlGccVF8= Mailing-List: contact gcc-patches-help@gcc.gnu.org; run by ezmlm Precedence: bulk Sender: gcc-patches-owner@gcc.gnu.org Content-Type: text/plain; charset=windows-1252 Mime-Version: 1.0 (Mac OS X Mail 9.3 \(3124\)) Subject: Re: Proposed Patch for Bug 69687 From: =?windows-1252?Q?Marcel_B=F6hme?= <boehme.marcel@gmail.com> In-Reply-To: <56FE8068.2070506@redhat.com> Date: Sat, 2 Apr 2016 01:00:09 +0800 Cc: Mike Stump <mikestump@comcast.net>, gcc-patches@gcc.gnu.org Content-Transfer-Encoding: quoted-printable Message-Id: <49B60A75-7FA7-4202-8D10-EEB8674A5560@gmail.com> References: <EA6F36C4-86FE-4018-8CB0-D0F314C1528D@gmail.com> <EBBC24E4-04F9-4A8F-9A5D-801BFF9009EF@comcast.net> <66021953-4407-44D7-B252-0D2D685CF235@gmail.com> <56FA7396.7060507@redhat.com> <42533159-9D5B-476F-A209-44C81C2B9AA0@gmail.com> <56FE8068.2070506@redhat.com> To: Bernd Schmidt <bschmidt@redhat.com>

Message ID

49B60A75-7FA7-4202-8D10-EEB8674A5560@gmail.com

State

New

Headers

DomainKey-Signature: a=rsa-sha1; c=nofws; d=gcc.gnu.org; h=list-id
	:list-unsubscribe:list-archive:list-post:list-help:sender
	:content-type:mime-version:subject:from:in-reply-to:date:cc
	:content-transfer-encoding:message-id:references:to; q=dns; s=
	default; b=ZbzJ2eo5OaQe+nU1Ns3h7Z94fbonHny+3rt2tGC6uJsslvN+80DqJ
	AHSad13GiAXSmQ0fHje+vqey47aGp6ftk2TpAGbixa7Ilopg/ZV5ayXlrkWtRC0Q
	lnGdxWarC+Sq9MkuD4K62xFDo4DpWN/u18Fb+oWbrwKISEwlGccVF8=
Mailing-List: contact gcc-patches-help@gcc.gnu.org; run by ezmlm
Precedence: bulk
Sender: gcc-patches-owner@gcc.gnu.org
Content-Type: text/plain; charset=windows-1252
Mime-Version: 1.0 (Mac OS X Mail 9.3 \(3124\))
Subject: Re: Proposed Patch for Bug 69687
From: =?windows-1252?Q?Marcel_B=F6hme?= <boehme.marcel@gmail.com>
In-Reply-To: <56FE8068.2070506@redhat.com>
Date: Sat, 2 Apr 2016 01:00:09 +0800
Cc: Mike Stump <mikestump@comcast.net>, gcc-patches@gcc.gnu.org
Content-Transfer-Encoding: quoted-printable
Message-Id: <49B60A75-7FA7-4202-8D10-EEB8674A5560@gmail.com>
References: <EA6F36C4-86FE-4018-8CB0-D0F314C1528D@gmail.com>
	<EBBC24E4-04F9-4A8F-9A5D-801BFF9009EF@comcast.net>
	<66021953-4407-44D7-B252-0D2D685CF235@gmail.com>
	<56FA7396.7060507@redhat.com>
	<42533159-9D5B-476F-A209-44C81C2B9AA0@gmail.com>
	<56FE8068.2070506@redhat.com>
To: Bernd Schmidt <bschmidt@redhat.com>

Commit Message

Marcel Böhme April 1, 2016, 5 p.m. UTC

> 
> Forgot about this issue, sorry. At least this needs guarding with #ifdef HAVE_LIMITS_H, as in the other files in libiberty. Several of them also go to trouble to define the macros if limits.h is missing; not sure how much of an issue that is nowadays, but you might want to adapt something like the code from strtol.c:
> 
> #ifndef ULONG_MAX
> #define ULONG_MAX       ((unsigned long)(~0L))          /* 0xFFFFFFFF */
> #endif
> 
> #ifndef LONG_MAX
> #define LONG_MAX        ((long)(ULONG_MAX >> 1))        /* 0x7FFFFFFF */
> #endif
> 
> Mind trying that and doing a full test run as described in my other mail?

Regression tested on x86_64-pc-linux-gnu (make check). Checked PR69687 is resolved (via binutils); even for our definition of INT_MAX.
No test cases added since the test would take up to 2 minutes and end in xmalloc_failed even in the successful case.

Thanks,
- Marcel

--

Index: libiberty/cplus-dem.c
===================================================================
--- libiberty/cplus-dem.c	(revision 234663)
+++ libiberty/cplus-dem.c	(working copy)
@@ -56,6 +56,13 @@  void * malloc ();
 void * realloc ();
 #endif
 
+#ifdef HAVE_LIMITS_H
+#include <limits.h>
+#endif
+#ifndef INT_MAX
+# define INT_MAX       (int)(((unsigned int) ~0) >> 1)          /* 0x7FFFFFFF */ 
+#endif
+
 #include <demangle.h>
 #undef CURRENT_DEMANGLING_STYLE
 #define CURRENT_DEMANGLING_STYLE work->options
@@ -4256,6 +4263,8 @@  remember_type (struct work_stuff *work,
 	}
       else
 	{
+          if (work -> typevec_size > INT_MAX / 2)
+	    xmalloc_failed (INT_MAX);
 	  work -> typevec_size *= 2;
 	  work -> typevec
 	    = XRESIZEVEC (char *, work->typevec, work->typevec_size);
@@ -4283,6 +4292,8 @@  remember_Ktype (struct work_stuff *work,
 	}
       else
 	{
+          if (work -> ksize > INT_MAX / 2)
+	    xmalloc_failed (INT_MAX);
 	  work -> ksize *= 2;
 	  work -> ktypevec
 	    = XRESIZEVEC (char *, work->ktypevec, work->ksize);
@@ -4312,6 +4323,8 @@  register_Btype (struct work_stuff *work)
 	}
       else
 	{
+          if (work -> bsize > INT_MAX / 2)
+	    xmalloc_failed (INT_MAX);
 	  work -> bsize *= 2;
 	  work -> btypevec
 	    = XRESIZEVEC (char *, work->btypevec, work->bsize);
@@ -4766,6 +4779,8 @@  string_need (string *s, int n)
   else if (s->e - s->p < n)
     {
       tem = s->p - s->b;
+      if (n > INT_MAX / 2 - tem)
+        xmalloc_failed (INT_MAX); 
       n += tem;
       n *= 2;
       s->b = XRESIZEVEC (char, s->b, n);