From patchwork Mon Sep 17 10:16:00 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: =?utf-8?q?Martin_Li=C5=A1ka?= X-Patchwork-Id: 970507 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (mailfrom) smtp.mailfrom=gcc.gnu.org (client-ip=209.132.180.131; helo=sourceware.org; envelope-from=gcc-patches-return-485751-incoming=patchwork.ozlabs.org@gcc.gnu.org; receiver=) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=suse.cz Authentication-Results: ozlabs.org; dkim=pass (1024-bit key; unprotected) header.d=gcc.gnu.org header.i=@gcc.gnu.org header.b="WczoW9GN"; dkim-atps=neutral Received: from sourceware.org (server1.sourceware.org [209.132.180.131]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 42DMVF1KdQz9sB5 for ; Mon, 17 Sep 2018 20:16:35 +1000 (AEST) DomainKey-Signature: a=rsa-sha1; c=nofws; d=gcc.gnu.org; h=list-id :list-unsubscribe:list-archive:list-post:list-help:sender:from :subject:to:message-id:date:mime-version:content-type; q=dns; s= default; b=ilJbw6QiQmiT1zK27BALMN95bIcCpqyTH9Zr7fOQ2ENZH6bCllCR1 yp8TNRxmiqqetG+cONFqdHkFbTzDJC5SzTqKwDIfpTw7zzgCHL0R0fy0KLg9Zlnq BUJFpCHNI9vFZuc/D2m6wKSqQStUuZtS2qP0B/jh7gRjx/HmehjvJg= DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=gcc.gnu.org; h=list-id :list-unsubscribe:list-archive:list-post:list-help:sender:from :subject:to:message-id:date:mime-version:content-type; s= default; bh=wnAhiKAwMDFvIoJrZBfzXKVdtHU=; b=WczoW9GNMJdte2qsOMms ekdUdH1GIrLdjp24Vqi+awdjOjYYCBCbOQeIe4qeHY9Qaj3IEZGWolRs6BgiMDj+ H13xlAV8ovS+7uR1WGEeeKhSaoehh+cIKk0wkXz34wRAdVR7X6eyNBBc/QVv6BMv xHQmqJnQG6r5kdxwI2HpOrM= Received: (qmail 111639 invoked by alias); 17 Sep 2018 10:16:27 -0000 Mailing-List: contact gcc-patches-help@gcc.gnu.org; run by ezmlm Precedence: bulk List-Id: List-Unsubscribe: List-Archive: List-Post: List-Help: Sender: gcc-patches-owner@gcc.gnu.org Delivered-To: mailing list gcc-patches@gcc.gnu.org Received: (qmail 111503 invoked by uid 89); 17 Sep 2018 10:16:14 -0000 Authentication-Results: sourceware.org; auth=none X-Spam-SWARE-Status: No, score=-26.9 required=5.0 tests=BAYES_00, GIT_PATCH_0, GIT_PATCH_1, GIT_PATCH_2, GIT_PATCH_3, SPF_PASS autolearn=ham version=3.3.2 spammy=Follow, Liska, sk:output_, liska X-HELO: mx1.suse.de Received: from mx2.suse.de (HELO mx1.suse.de) (195.135.220.15) by sourceware.org (qpsmtpd/0.93/v0.84-503-g423c35a) with ESMTP; Mon, 17 Sep 2018 10:16:04 +0000 Received: from relay2.suse.de (unknown [195.135.220.254]) by mx1.suse.de (Postfix) with ESMTP id 27ED5ADA9 for ; Mon, 17 Sep 2018 10:16:01 +0000 (UTC) From: =?utf-8?q?Martin_Li=C5=A1ka?= Subject: [PATCH] Fix out-of-bounds in gcov.c (PR gcov-profile/85871). To: gcc-patches@gcc.gnu.org Message-ID: <4870fc93-44b7-bfce-d3f1-5f8db6286ff2@suse.cz> Date: Mon, 17 Sep 2018 12:16:00 +0200 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.0 MIME-Version: 1.0 X-IsSubscribed: yes Hi. One obvious patch where we access src->lines one element after the end. Survives gcov.exp tests, I'm going to install the patch. Martin gcc/ChangeLog: 2018-09-17 Martin Liska PR gcov-profile/85871 * gcov.c (output_intermediate_file): Fix out of bounds access. --- gcc/gcov.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/gcc/gcov.c b/gcc/gcov.c index 6a24a320046..c6cf79b0f53 100644 --- a/gcc/gcov.c +++ b/gcc/gcov.c @@ -1085,7 +1085,8 @@ output_intermediate_file (FILE *gcov_file, source_info *src) } /* Follow with lines associated with the source file. */ - output_intermediate_line (gcov_file, &src->lines[line_num], line_num); + if (line_num < src->lines.size ()) + output_intermediate_line (gcov_file, &src->lines[line_num], line_num); } }