diff options
author | Martin Sebor <msebor@redhat.com> | 2020-09-23 15:04:32 -0600 |
---|---|---|
committer | Martin Sebor <msebor@redhat.com> | 2020-09-23 15:10:20 -0600 |
commit | 6edc8f5bfe7d9db8fb8bd37bb8086a69850c6c6d (patch) | |
tree | c64709a3a48fac8d149e61be1ff8144e8ff8025d | |
parent | e977dd5edbcc3a3b88c3bd7efa1026c845af7487 (diff) | |
download | gcc-6edc8f5bfe7d9db8fb8bd37bb8086a69850c6c6d.zip gcc-6edc8f5bfe7d9db8fb8bd37bb8086a69850c6c6d.tar.gz gcc-6edc8f5bfe7d9db8fb8bd37bb8086a69850c6c6d.tar.bz2 |
Handle DECLs and EXPRESSIONs consistently (PR middle-end/97175).
gcc/ChangeLog:
PR middle-end/97175
* builtins.c (maybe_warn_for_bound): Handle both DECLs and EXPRESSIONs
in pad->dst.ref, same is pad->src.ref.
gcc/testsuite/ChangeLog:
PR middle-end/97175
* gcc.dg/Wstringop-overflow-44.c: New test.
-rw-r--r-- | gcc/builtins.c | 10 | ||||
-rw-r--r-- | gcc/testsuite/gcc.dg/Wstringop-overflow-44.c | 129 |
2 files changed, 137 insertions, 2 deletions
diff --git a/gcc/builtins.c b/gcc/builtins.c index 45efc1c..cac842f 100644 --- a/gcc/builtins.c +++ b/gcc/builtins.c @@ -3480,8 +3480,14 @@ maybe_warn_for_bound (int opt, location_t loc, tree exp, tree func, if (warned) { if (pad && pad->dst.ref) - inform (DECL_SOURCE_LOCATION (pad->dst.ref), - "destination object declared here"); + { + if (DECL_P (pad->dst.ref)) + inform (DECL_SOURCE_LOCATION (pad->dst.ref), + "destination object declared here"); + else if (EXPR_HAS_LOCATION (pad->dst.ref)) + inform (EXPR_LOCATION (pad->dst.ref), + "destination object allocated here"); + } TREE_NO_WARNING (exp) = true; } diff --git a/gcc/testsuite/gcc.dg/Wstringop-overflow-44.c b/gcc/testsuite/gcc.dg/Wstringop-overflow-44.c new file mode 100644 index 0000000..9e292a9 --- /dev/null +++ b/gcc/testsuite/gcc.dg/Wstringop-overflow-44.c @@ -0,0 +1,129 @@ +/* PR middle-end/97175 - ICE on an excessive strncpy bound + { dg-do compile } + { dg-options "-O -Wall" } */ + +int n; + +char *d; + +void sink (void*); + +/* Exercise calls with a destination of unknown size. */ + +void f0 (const void *s) +{ + if (n > 0) return; + __builtin_memcpy (d, s, n); // eliminated +} + +void f1 (const void *s) +{ + if (n > 0) return; + __builtin_memmove (d, s, n); // eliminated +} + +void f2 (void) +{ + if (n > 0) return; + __builtin_memset (d, 0, n); // eliminated +} + +void f3 (const char *s) +{ + if (n > 0) return; + __builtin_strncpy (d, s, n); // can be eliminated but isn't +} + +void f4 (const char *s) +{ + if (n > 0) return; + *d = 0; + __builtin_strncat (d, s, n); // can be eliminated but isn't +} + + +/* Exercise the same calls but with a declared destination object. */ + +void g0 (const void *s) +{ + if (n > 0) return; + char a[1]; + __builtin_memcpy (a, s, n); // eliminated + sink (a); +} + +void g1 (const void *s) +{ + if (n > 0) return; + char a[1]; + __builtin_memmove (a, s, n); // eliminated + sink (a); +} + +void g2 (void) +{ + if (n > 0) return; + char a[1]; + __builtin_memset (a, 0, n); // eliminated + sink (a); +} + +void g3 (const char *s) +{ + if (n > 0) return; + char a[1]; + __builtin_strncpy (a, s, n); // can be eliminated but isn't + sink (a); +} + +void g4 (const char *s) +{ + if (n > 0) return; + char a[1]; + *a = 0; + __builtin_strncat (a, s, n); // can be eliminated but isn't + sink (a); +} + + +void h0 (const void *s) +{ + if (n > 0) return; + d = __builtin_malloc (1); + __builtin_memcpy (d, s, n); // eliminated +} + +void h1 (const void *s) +{ + if (n > 0) return; + d = __builtin_malloc (1); + __builtin_memmove (d, s, n); // eliminated +} + +void h2 (void) +{ + if (n > 0) return; + d = __builtin_malloc (1); + __builtin_memset (d, 0, n); // eliminated +} + +void h3 (const char *s) +{ + if (n > 0) return; + d = __builtin_malloc (1); + __builtin_strncpy (d, s, n); // can be eliminated but isn't +} + +void h4 (const char *s) +{ + if (n > 0) return; + d = __builtin_malloc (1); + *d = 0; + __builtin_strncat (d, s, n); // can be eliminated but isn't +} + +/* The calls above that aren't eliminated trigger + warning: specified size between INT_MAX and SIZE_MAX exceed maximum + object size PTRDIFF_MAX + { dg-prune-output "-Wstringop-overflow" } + { dg-prune-output "-Wstringop-overread" } */ |