re PR sanitizer/65280 (-fsanitize=bounds does not detect out-of-bounds access)

	PR sanitizer/65280
	* doc/invoke.texi: Update description of -fsanitize=bounds.

	* c-ubsan.c (ubsan_instrument_bounds): Check for COMPONENT_REF
	before trying to figure out whether we have a flexible array member.

	* c-c++-common/ubsan/bounds-1.c: Add testing of flexible array
	member-like arrays.
	* c-c++-common/ubsan/bounds-8.c: New test.
	* c-c++-common/ubsan/bounds-9.c: New test.
	* gcc.dg/ubsan/bounds-2.c: New test.

Co-Authored-By: Martin Uecker <uecker@eecs.berkeley.edu>

From-SVN: r221250

2 files changed, 9 insertions, 2 deletions

diff --git a/gcc/c-family/ChangeLog b/gcc/c-family/ChangeLog
index fa08958..6bd5a28 100644
--- a/gcc/c-family/ChangeLog
+++ b/gcc/c-family/ChangeLog
@@ -1,3 +1,9 @@
+2015-03-07  Marek Polacek  <polacek@redhat.com>
+
+	PR sanitizer/65280
+	* c-ubsan.c (ubsan_instrument_bounds): Check for COMPONENT_REF
+	before trying to figure out whether we have a flexible array member.
+
 2015-03-06  Eric Botcazou  <ebotcazou@adacore.com>
             Jonathan Wakely  <jwakely.gcc@gmail.com>
 
diff --git a/gcc/c-family/c-ubsan.c b/gcc/c-family/c-ubsan.c
index 90d59c0..a14426f 100644
--- a/gcc/c-family/c-ubsan.c
+++ b/gcc/c-family/c-ubsan.c
@@ -303,8 +303,9 @@ ubsan_instrument_bounds (location_t loc, tree array, tree *index,
 
   /* Detect flexible array members and suchlike.  */
   tree base = get_base_address (array);
-  if (base && (TREE_CODE (base) == INDIRECT_REF
-	       || TREE_CODE (base) == MEM_REF))
+  if (TREE_CODE (array) == COMPONENT_REF
+      && base && (TREE_CODE (base) == INDIRECT_REF
+		  || TREE_CODE (base) == MEM_REF))
     {
       tree next = NULL_TREE;
       tree cref = array;