[Ada] Ada2020: AI12-0110 Tampering checks are performed first

2020-06-17 Bob Duff <duff@adacore.com> gcc/ada/ * libgnat/a-cbdlli.adb, libgnat/a-cbhama.adb, libgnat/a-cbhase.adb, libgnat/a-cbmutr.adb, libgnat/a-cborma.adb, libgnat/a-cborse.adb, libgnat/a-cdlili.adb, libgnat/a-chtgbk.adb, libgnat/a-chtgke.adb, libgnat/a-cidlli.adb, libgnat/a-cihama.adb, libgnat/a-cihase.adb, libgnat/a-cimutr.adb, libgnat/a-ciorma.adb, libgnat/a-ciorse.adb, libgnat/a-cobove.adb, libgnat/a-cohama.adb, libgnat/a-cohase.adb, libgnat/a-coinve.adb, libgnat/a-comutr.adb, libgnat/a-convec.adb, libgnat/a-coorma.adb, libgnat/a-coorse.adb, libgnat/a-crbtgk.adb, libgnat/a-crbtgo.adb, libgnat/a-rbtgso.adb: Move tampering checks earlier.
author: Bob Duff <duff@adacore.com> 2020-04-10 18:23:15 -0400
committer: Pierre-Marie de Rodat <derodat@adacore.com> 2020-06-17 04:14:11 -0400
commit: c602003b6a2552c01d77fd1fdd5f12848743075f (patch)
tree: 1e7cd76cceb0fb154536471344970a65f91fa59c /gcc/ada/libgnat/a-cimutr.adb
parent: 4ea4df3af88f33686813b7db70fbe3e37b7dfecc (diff)
download: gcc-c602003b6a2552c01d77fd1fdd5f12848743075f.zip
gcc-c602003b6a2552c01d77fd1fdd5f12848743075f.tar.gz
gcc-c602003b6a2552c01d77fd1fdd5f12848743075f.tar.bz2
1 files changed, 26 insertions, 30 deletions
diff --git a/gcc/ada/libgnat/a-cimutr.adb b/gcc/ada/libgnat/a-cimutr.adb
index 951097b..ac7e534 100644
--- a/gcc/ada/libgnat/a-cimutr.adb
+++ b/gcc/ada/libgnat/a-cimutr.adb
@@ -261,6 +261,8 @@ package body Ada.Containers.Indefinite_Multiway_Trees is
       Element     : Element_Access;
 
    begin
+      TC_Check (Container.TC);
+
       if Checks and then Parent = No_Element then
          raise Constraint_Error with "Parent cursor has no element";
       end if;
@@ -273,8 +275,6 @@ package body Ada.Containers.Indefinite_Multiway_Trees is
          return;
       end if;
 
-      TC_Check (Container.TC);
-
       declare
          --  The element allocator may need an accessibility check in the case
          --  the actual type is class-wide or has access discriminants (see
@@ -738,6 +738,8 @@ package body Ada.Containers.Indefinite_Multiway_Trees is
       Count : Count_Type;
 
    begin
+      TC_Check (Container.TC);
+
       if Checks and then Parent = No_Element then
          raise Constraint_Error with "Parent cursor has no element";
       end if;
@@ -746,8 +748,6 @@ package body Ada.Containers.Indefinite_Multiway_Trees is
          raise Program_Error with "Parent cursor not in container";
       end if;
 
-      TC_Check (Container.TC);
-
       --  Deallocate_Children returns a count of the number of nodes
       --  that it deallocates, but it works by incrementing the
       --  value that is passed in. We must therefore initialize
@@ -772,6 +772,8 @@ package body Ada.Containers.Indefinite_Multiway_Trees is
       X : Tree_Node_Access;
 
    begin
+      TC_Check (Container.TC);
+
       if Checks and then Position = No_Element then
          raise Constraint_Error with "Position cursor has no element";
       end if;
@@ -789,8 +791,6 @@ package body Ada.Containers.Indefinite_Multiway_Trees is
          raise Constraint_Error with "Position cursor does not designate leaf";
       end if;
 
-      TC_Check (Container.TC);
-
       X := Position.Node;
       Position := No_Element;
 
@@ -819,6 +819,8 @@ package body Ada.Containers.Indefinite_Multiway_Trees is
       Count : Count_Type;
 
    begin
+      TC_Check (Container.TC);
+
       if Checks and then Position = No_Element then
          raise Constraint_Error with "Position cursor has no element";
       end if;
@@ -832,8 +834,6 @@ package body Ada.Containers.Indefinite_Multiway_Trees is
          raise Program_Error with "Position cursor designates root";
       end if;
 
-      TC_Check (Container.TC);
-
       X := Position.Node;
       Position := No_Element;
 
@@ -1191,6 +1191,8 @@ package body Ada.Containers.Indefinite_Multiway_Trees is
       Element : Element_Access;
 
    begin
+      TC_Check (Container.TC);
+
       if Checks and then Parent = No_Element then
          raise Constraint_Error with "Parent cursor has no element";
       end if;
@@ -1215,8 +1217,6 @@ package body Ada.Containers.Indefinite_Multiway_Trees is
          return;
       end if;
 
-      TC_Check (Container.TC);
-
       declare
          --  The element allocator may need an accessibility check in the case
          --  the actual type is class-wide or has access discriminants (see
@@ -1735,6 +1735,8 @@ package body Ada.Containers.Indefinite_Multiway_Trees is
       Element     : Element_Access;
 
    begin
+      TC_Check (Container.TC);
+
       if Checks and then Parent = No_Element then
          raise Constraint_Error with "Parent cursor has no element";
       end if;
@@ -1747,8 +1749,6 @@ package body Ada.Containers.Indefinite_Multiway_Trees is
          return;
       end if;
 
-      TC_Check (Container.TC);
-
       declare
          --  The element allocator may need an accessibility check in the case
          --  the actual type is class-wide or has access discriminants (see
@@ -2096,6 +2096,8 @@ package body Ada.Containers.Indefinite_Multiway_Trees is
       E, X : Element_Access;
 
    begin
+      TE_Check (Container.TC);
+
       if Checks and then Position = No_Element then
          raise Constraint_Error with "Position cursor has no element";
       end if;
@@ -2109,8 +2111,6 @@ package body Ada.Containers.Indefinite_Multiway_Trees is
          raise Program_Error with "Position cursor designates root";
       end if;
 
-      TE_Check (Container.TC);
-
       declare
          --  The element allocator may need an accessibility check in the case
          --  the actual type is class-wide or has access discriminants (see
@@ -2182,6 +2182,9 @@ package body Ada.Containers.Indefinite_Multiway_Trees is
       Count : Count_Type;
 
    begin
+      TC_Check (Target.TC);
+      TC_Check (Source.TC);
+
       if Checks and then Target_Parent = No_Element then
          raise Constraint_Error with "Target_Parent cursor has no element";
       end if;
@@ -2219,8 +2222,6 @@ package body Ada.Containers.Indefinite_Multiway_Trees is
             return;
          end if;
 
-         TC_Check (Target.TC);
-
          if Checks and then Is_Reachable (From => Target_Parent.Node,
                           To   => Source_Parent.Node)
          then
@@ -2236,9 +2237,6 @@ package body Ada.Containers.Indefinite_Multiway_Trees is
          return;
       end if;
 
-      TC_Check (Target.TC);
-      TC_Check (Source.TC);
-
       --  We cache the count of the nodes we have allocated, so that operation
       --  Node_Count can execute in O(1) time. But that means we must count the
       --  nodes in the subtree we remove from Source and insert into Target, in
@@ -2265,6 +2263,8 @@ package body Ada.Containers.Indefinite_Multiway_Trees is
       Source_Parent   : Cursor)
    is
    begin
+      TC_Check (Container.TC);
+
       if Checks and then Target_Parent = No_Element then
          raise Constraint_Error with "Target_Parent cursor has no element";
       end if;
@@ -2304,8 +2304,6 @@ package body Ada.Containers.Indefinite_Multiway_Trees is
          return;
       end if;
 
-      TC_Check (Container.TC);
-
       if Checks and then Is_Reachable (From => Target_Parent.Node,
                        To   => Source_Parent.Node)
       then
@@ -2363,6 +2361,9 @@ package body Ada.Containers.Indefinite_Multiway_Trees is
       Subtree_Count : Count_Type;
 
    begin
+      TC_Check (Target.TC);
+      TC_Check (Source.TC);
+
       if Checks and then Parent = No_Element then
          raise Constraint_Error with "Parent cursor has no element";
       end if;
@@ -2404,8 +2405,6 @@ package body Ada.Containers.Indefinite_Multiway_Trees is
             end if;
          end if;
 
-         TC_Check (Target.TC);
-
          if Checks and then
            Is_Reachable (From => Parent.Node, To => Position.Node)
          then
@@ -2420,9 +2419,6 @@ package body Ada.Containers.Indefinite_Multiway_Trees is
          return;
       end if;
 
-      TC_Check (Target.TC);
-      TC_Check (Source.TC);
-
       --  This is an unfortunate feature of this API: we must count the nodes
       --  in the subtree that we remove from the source tree, which is an O(n)
       --  operation. It would have been better if the Tree container did not
@@ -2455,6 +2451,8 @@ package body Ada.Containers.Indefinite_Multiway_Trees is
       Position  : Cursor)
    is
    begin
+      TC_Check (Container.TC);
+
       if Checks and then Parent = No_Element then
          raise Constraint_Error with "Parent cursor has no element";
       end if;
@@ -2500,8 +2498,6 @@ package body Ada.Containers.Indefinite_Multiway_Trees is
          end if;
       end if;
 
-      TC_Check (Container.TC);
-
       if Checks and then
         Is_Reachable (From => Parent.Node, To => Position.Node)
       then
@@ -2553,6 +2549,8 @@ package body Ada.Containers.Indefinite_Multiway_Trees is
       I, J      : Cursor)
    is
    begin
+      TE_Check (Container.TC);
+
       if Checks and then I = No_Element then
          raise Constraint_Error with "I cursor has no element";
       end if;
@@ -2581,8 +2579,6 @@ package body Ada.Containers.Indefinite_Multiway_Trees is
          raise Program_Error with "J cursor designates root";
       end if;
 
-      TE_Check (Container.TC);
-
       declare
          EI : constant Element_Access := I.Node.Element;
author	Bob Duff <duff@adacore.com>	2020-04-10 18:23:15 -0400
committer	Pierre-Marie de Rodat <derodat@adacore.com>	2020-06-17 04:14:11 -0400
commit	c602003b6a2552c01d77fd1fdd5f12848743075f (patch)
tree	1e7cd76cceb0fb154536471344970a65f91fa59c /gcc/ada/libgnat/a-cimutr.adb
parent	4ea4df3af88f33686813b7db70fbe3e37b7dfecc (diff)
download	gcc-c602003b6a2552c01d77fd1fdd5f12848743075f.zip gcc-c602003b6a2552c01d77fd1fdd5f12848743075f.tar.gz gcc-c602003b6a2552c01d77fd1fdd5f12848743075f.tar.bz2