diff mbox

Prevent out-of-bounds access (PR sanitizer/59258)

Message ID 20131125095847.GM30062@redhat.com
State New
Headers show

Commit Message

Marek Polacek Nov. 25, 2013, 9:58 a.m. UTC 
On Mon, Nov 25, 2013 at 10:36:00AM +0100, Jakub Jelinek wrote:
> On Mon, Nov 25, 2013 at 10:27:00AM +0100, Marek Polacek wrote:
> > This fixes a thinko of mine: when I added another two elements to the
> > ubsan data structure, I forgot to increase the size of the array.
> > 
> > Alternatively, I could use an alloca for this (VLAs issue a warning
> > in C++03 and are thus no-go :().
> > 
> > I don't have a simple testcase for this.  Valgrind/asan would be
> > needed.
> > 
> > Ran the testsuite.  Ok for trunk?
> > 
> > 2013-11-25  Marek Polacek  <polacek@redhat.com>
> > 
> > 	* ubsan.c (ubsan_create_data): Increase the size of the fields array.
> 
> Ok, but can you also fix up formatting in the function:
> 
>       /* We have to add two more decls.  */
>       fields[i] = build_decl (UNKNOWN_LOCATION, FIELD_DECL, NULL_TREE,
>                                 pointer_sized_int_node);
> the above line is indented too much... .

I'll commit the following then.

2013-11-25  Marek Polacek  <polacek@redhat.com>

	* ubsan.c (ubsan_create_data): Increase the size of the fields array.


	Marek
diff mbox

Patch

--- gcc/ubsan.c.mp3	2013-11-25 10:46:48.488069505 +0100
+++ gcc/ubsan.c	2013-11-25 10:47:09.646145804 +0100
@@ -387,7 +387,7 @@  ubsan_create_data (const char *name, loc
 {
   va_list args;
   tree ret, t;
-  tree fields[3];
+  tree fields[5];
   vec<tree, va_gc> *saved_args = NULL;
   size_t i = 0;
 
@@ -425,7 +425,7 @@  ubsan_create_data (const char *name, loc
     {
       /* We have to add two more decls.  */
       fields[i] = build_decl (UNKNOWN_LOCATION, FIELD_DECL, NULL_TREE,
-				pointer_sized_int_node);
+			      pointer_sized_int_node);
       DECL_CONTEXT (fields[i]) = ret;
       DECL_CHAIN (fields[i - 1]) = fields[i];
       i++;