From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from esa4.mentor.iphmx.com (esa4.mentor.iphmx.com [68.232.137.252]) by sourceware.org (Postfix) with ESMTPS id 9DD48385BF9E; Tue, 23 Mar 2021 09:02:01 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.3.2 sourceware.org 9DD48385BF9E Authentication-Results: sourceware.org; dmarc=none (p=none dis=none) header.from=codesourcery.com Authentication-Results: sourceware.org; spf=pass smtp.mailfrom=Tobias_Burnus@mentor.com IronPort-SDR: mSnSsEr95ViYSD71EC/GgmhqXqJzD0lMIpvWwutAL59DuppErk5vbA5gf5YEQbjMyH9Ihzlw9d RVtZX/PtTE0d8SRK0k591S+Y7likyQ9reFz6Sp6faXxKk2JhYbGKpPNLpt+o2cFRZC/no/U8E7 kRC7HtITqoov6CN8yv1T6w3rHrSIzXo2+g7HDQvS2Sm02lm8RDZZQ40GLIlcSKPiTZKvhbCQDA af1cNI+ZY3odTzGatDNEh1M3se8noKTY7L+FazRFTHeRpjemKt5Ei+MB0BQrkDyzsDU1VbcCK0 jz8= X-IronPort-AV: E=Sophos;i="5.81,271,1610438400"; d="diff'?scan'208";a="59503705" Received: from orw-gwy-01-in.mentorg.com ([192.94.38.165]) by esa4.mentor.iphmx.com with ESMTP; 23 Mar 2021 01:02:00 -0800 IronPort-SDR: JF0qPFTuiaw0P9kqnzMzn44JAEkYs67nuGRKv3NF+npLVHm70WP8oB1UKOjyHe3NTyTq9KMUXA xQOXdSL3UUKrCRiAFmi4CU/4Ti9Mniq7b1RfI6otfIjMBjR1YslRlx6yF9EK84MNI2kuWGaap5 ME8FZUtyJneqq77qQS0+GGj2xOJLNGjBunzmZY/BAbqGMBliP5XmT4IToRsrNGrcxj3I+iBhV4 XzL5VE5025+uGTXjWkG35XEGXfhmMn9BsYS/yVjtjBqnkblCiv/g9ojIBZ9O8x/DVEFgUFbu3i TKg= To: gcc-patches , fortran From: Tobias Burnus Subject: [Patch] Fortran: Extend buffer, use snprintf to avoid overflows [PR99369] Message-ID: Date: Tue, 23 Mar 2021 10:01:53 +0100 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101 Thunderbird/78.8.1 MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="------------8A7B5E51A07CEBDB25552CC6" Content-Language: en-US X-Originating-IP: [137.202.0.90] X-ClientProxiedBy: SVR-IES-MBX-07.mgc.mentorg.com (139.181.222.7) To svr-ies-mbx-01.mgc.mentorg.com (139.181.222.1) X-Spam-Status: No, score=-12.0 required=5.0 tests=BAYES_00, GIT_PATCH_0, HEADER_FROM_DIFFERENT_DOMAINS, KAM_DMARC_STATUS, SPF_HELO_PASS, SPF_PASS, TXREP autolearn=ham autolearn_force=no version=3.4.2 X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on server2.sourceware.org X-BeenThere: fortran@gcc.gnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Fortran mailing list List-Unsubscribe: , List-Archive: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 23 Mar 2021 09:02:07 -0000 --------------8A7B5E51A07CEBDB25552CC6 Content-Type: text/plain; charset="utf-8"; format=flowed Content-Transfer-Encoding: quoted-printable For details, see PR. If I have not miscounted, the failing message has 32 characters + three names =E2=86=92 (3*62 + 1 + 32) =3D 219 > 200. I add another 18 characters for longer translation strings. If that is not enough, there will be truncation but no buffer overflow thanks to snprintf. OK for mainline and GCC 10? [If there are no comments or an OK, I intent to commit it as obvious tomorrow.] Tobias PS: Patches which I would like to see in GCC 11 and 10, but which are still pending review: * [Patch] Fortran: Fix intrinsic null() handling [PR99651] * [Patch] Fortran: Fix func decl mismatch [PR93660] ----------------- Mentor Graphics (Deutschland) GmbH, Arnulfstrasse 201, 80634 M=C3=BCnchen R= egistergericht M=C3=BCnchen HRB 106955, Gesch=C3=A4ftsf=C3=BChrer: Thomas H= eurung, Frank Th=C3=BCrauf --------------8A7B5E51A07CEBDB25552CC6 Content-Type: text/x-patch; charset="UTF-8"; name="longnames.diff" Content-Transfer-Encoding: 7bit Content-Disposition: attachment; filename="longnames.diff" Fortran: Extend buffer, use snprintf to avoid overflows [PR99369] gcc/fortran/ChangeLog: PR fortran/99369 * resolve.c (resolve_operator): Make 'msg' buffer larger and use snprintf. gcc/testsuite/ChangeLog: PR fortran/99369 * gfortran.dg/longnames.f90: New test. gcc/fortran/resolve.c | 82 ++++++++++++++++------------- gcc/testsuite/gfortran.dg/longnames.f90 | 92 +++++++++++++++++++++++++++++++++ 2 files changed, 137 insertions(+), 37 deletions(-) diff --git a/gcc/fortran/resolve.c b/gcc/fortran/resolve.c index 715fecd4b3a..1c9b0c5cb62 100644 --- a/gcc/fortran/resolve.c +++ b/gcc/fortran/resolve.c @@ -3994,7 +3994,8 @@ static bool resolve_operator (gfc_expr *e) { gfc_expr *op1, *op2; - char msg[200]; + /* One error uses 3 names; additional space for wording (also via gettext). */ + char msg[3*GFC_MAX_SYMBOL_LEN + 1 + 50]; bool dual_locus_error; bool t = true; @@ -4047,7 +4048,8 @@ resolve_operator (gfc_expr *e) if ((op1 && op1->expr_type == EXPR_NULL) || (op2 && op2->expr_type == EXPR_NULL)) { - sprintf (msg, _("Invalid context for NULL() pointer at %%L")); + snprintf (msg, sizeof (msg), + _("Invalid context for NULL() pointer at %%L")); goto bad_op; } @@ -4063,8 +4065,9 @@ resolve_operator (gfc_expr *e) break; } - sprintf (msg, _("Operand of unary numeric operator %%<%s%%> at %%L is %s"), - gfc_op2string (e->value.op.op), gfc_typename (e)); + snprintf (msg, sizeof (msg), + _("Operand of unary numeric operator %%<%s%%> at %%L is %s"), + gfc_op2string (e->value.op.op), gfc_typename (e)); goto bad_op; case INTRINSIC_PLUS: @@ -4079,14 +4082,14 @@ resolve_operator (gfc_expr *e) } if (op1->ts.type == BT_DERIVED || op2->ts.type == BT_DERIVED) - sprintf (msg, - _("Unexpected derived-type entities in binary intrinsic " - "numeric operator %%<%s%%> at %%L"), + snprintf (msg, sizeof (msg), + _("Unexpected derived-type entities in binary intrinsic " + "numeric operator %%<%s%%> at %%L"), gfc_op2string (e->value.op.op)); else - sprintf (msg, - _("Operands of binary numeric operator %%<%s%%> at %%L are %s/%s"), - gfc_op2string (e->value.op.op), gfc_typename (op1), + snprintf (msg, sizeof(msg), + _("Operands of binary numeric operator %%<%s%%> at %%L are %s/%s"), + gfc_op2string (e->value.op.op), gfc_typename (op1), gfc_typename (op2)); goto bad_op; @@ -4099,9 +4102,9 @@ resolve_operator (gfc_expr *e) break; } - sprintf (msg, - _("Operands of string concatenation operator at %%L are %s/%s"), - gfc_typename (op1), gfc_typename (op2)); + snprintf (msg, sizeof (msg), + _("Operands of string concatenation operator at %%L are %s/%s"), + gfc_typename (op1), gfc_typename (op2)); goto bad_op; case INTRINSIC_AND: @@ -4142,9 +4145,10 @@ resolve_operator (gfc_expr *e) goto simplify_op; } - sprintf (msg, _("Operands of logical operator %%<%s%%> at %%L are %s/%s"), - gfc_op2string (e->value.op.op), gfc_typename (op1), - gfc_typename (op2)); + snprintf (msg, sizeof (msg), + _("Operands of logical operator %%<%s%%> at %%L are %s/%s"), + gfc_op2string (e->value.op.op), gfc_typename (op1), + gfc_typename (op2)); goto bad_op; @@ -4165,8 +4169,8 @@ resolve_operator (gfc_expr *e) break; } - sprintf (msg, _("Operand of .not. operator at %%L is %s"), - gfc_typename (op1)); + snprintf (msg, sizeof (msg), _("Operand of .not. operator at %%L is %s"), + gfc_typename (op1)); goto bad_op; case INTRINSIC_GT: @@ -4276,16 +4280,16 @@ resolve_operator (gfc_expr *e) } if (op1->ts.type == BT_LOGICAL && op2->ts.type == BT_LOGICAL) - sprintf (msg, - _("Logicals at %%L must be compared with %s instead of %s"), - (e->value.op.op == INTRINSIC_EQ - || e->value.op.op == INTRINSIC_EQ_OS) - ? ".eqv." : ".neqv.", gfc_op2string (e->value.op.op)); + snprintf (msg, sizeof (msg), + _("Logicals at %%L must be compared with %s instead of %s"), + (e->value.op.op == INTRINSIC_EQ + || e->value.op.op == INTRINSIC_EQ_OS) + ? ".eqv." : ".neqv.", gfc_op2string (e->value.op.op)); else - sprintf (msg, - _("Operands of comparison operator %%<%s%%> at %%L are %s/%s"), - gfc_op2string (e->value.op.op), gfc_typename (op1), - gfc_typename (op2)); + snprintf (msg, sizeof (msg), + _("Operands of comparison operator %%<%s%%> at %%L are %s/%s"), + gfc_op2string (e->value.op.op), gfc_typename (op1), + gfc_typename (op2)); goto bad_op; @@ -4296,19 +4300,23 @@ resolve_operator (gfc_expr *e) const char *guessed; guessed = lookup_uop_fuzzy (name, e->value.op.uop->ns->uop_root); if (guessed) - sprintf (msg, _("Unknown operator %%<%s%%> at %%L; did you mean '%s'?"), - name, guessed); + snprintf (msg, sizeof (msg), + _("Unknown operator %%<%s%%> at %%L; did you mean '%s'?"), + name, guessed); else - sprintf (msg, _("Unknown operator %%<%s%%> at %%L"), name); + snprintf (msg, sizeof (msg), _("Unknown operator %%<%s%%> at %%L"), + name); } else if (op2 == NULL) - sprintf (msg, _("Operand of user operator %%<%s%%> at %%L is %s"), - e->value.op.uop->name, gfc_typename (op1)); + snprintf (msg, sizeof (msg), + _("Operand of user operator %%<%s%%> at %%L is %s"), + e->value.op.uop->name, gfc_typename (op1)); else { - sprintf (msg, _("Operands of user operator %%<%s%%> at %%L are %s/%s"), - e->value.op.uop->name, gfc_typename (op1), - gfc_typename (op2)); + snprintf (msg, sizeof (msg), + _("Operands of user operator %%<%s%%> at %%L are %s/%s"), + e->value.op.uop->name, gfc_typename (op1), + gfc_typename (op2)); e->value.op.uop->op->sym->attr.referenced = 1; } @@ -4391,8 +4399,8 @@ resolve_operator (gfc_expr *e) /* Try user-defined operators, and otherwise throw an error. */ dual_locus_error = true; - sprintf (msg, - _("Inconsistent ranks for operator at %%L and %%L")); + snprintf (msg, sizeof (msg), + _("Inconsistent ranks for operator at %%L and %%L")); goto bad_op; } } diff --git a/gcc/testsuite/gfortran.dg/longnames.f90 b/gcc/testsuite/gfortran.dg/longnames.f90 new file mode 100644 index 00000000000..046179ea2fb --- /dev/null +++ b/gcc/testsuite/gfortran.dg/longnames.f90 @@ -0,0 +1,92 @@ +! { dg-do compile } +! +! PR fortran/99369 +! +! Contributed by G. Steinmetz +! + +module m1bcdefgxyzabcdefgxyzabcdefgxyzabcdefgxyzabcdefgxyzabc + type tabcdefgxyzabcdefgxyzabcdefgxyzabcdefgxyzabcdefgxyzabc + end type + interface operator (.oabcdefgxyzabcdefgxyzabcdefgxyzabcdefgxyzabcdefgxyzabc.) + procedure fabcdefgxyzabcdefgxyzabcdefgxyzabcdefgxyzabcdefgxyzabc + end interface +contains + function fabcdefgxyzabcdefgxyzabcdefgxyzabcdefgxyzabcdefgxyzabc & + (uabcdefgxyzabcdefgxyzabcdefgxyzabcdefgxyzabcdefgxyzabc, & + vabcdefgxyzabcdefgxyzabcdefgxyzabcdefgxyzabcdefgxyzabc) + type (tabcdefgxyzabcdefgxyzabcdefgxyzabcdefgxyzabcdefgxyzabc), intent(in) :: & + uabcdefgxyzabcdefgxyzabcdefgxyzabcdefgxyzabcdefgxyzabc, & + vabcdefgxyzabcdefgxyzabcdefgxyzabcdefgxyzabcdefgxyzabc + end +end +subroutine p1 + use m1bcdefgxyzabcdefgxyzabcdefgxyzabcdefgxyzabcdefgxyzabc + type (tabcdefgxyzabcdefgxyzabcdefgxyzabcdefgxyzabcdefgxyzabc) :: & + uabcdefgxyzabcdefgxyzabcdefgxyzabcdefgxyzabcdefgxyzabc, & + vabcdefgxyzabcdefgxyzabcdefgxyzabcdefgxyzabcdefgxyzabc + wabcdefgxyzabcdefgxyzabcdefgxyzabcdefgxyzabcdefgxyzabc = & + uabcdefgxyzabcdefgxyzabcdefgxyzabcdefgxyzabcdefgxyzabc & + .oabcdefgxyzabcdefgxyzabcdefgxyzabcdefgxyzabcdefgxyzabc. & + vabcdefgxyzabcdefgxyzabcdefgxyzabcdefgxyzabcdefgxyzabc +end + + +module m2bcdefgxyzabcdefgxyzabcdefgxyzabcdefgxyzabcdefgxyzabcd + type tabcdefgxyzabcdefgxyzabcdefgxyzabcdefgxyzabcdefgxyzabcd + end type + interface operator (.oabcdefgxyzabcdefgxyzabcdefgxyzabcdefgxyzabcdefgxyzabcd.) + procedure fabcdefgxyzabcdefgxyzabcdefgxyzabcdefgxyzabcdefgxyzabcd + end interface +contains + function fabcdefgxyzabcdefgxyzabcdefgxyzabcdefgxyzabcdefgxyzabcd & + (uabcdefgxyzabcdefgxyzabcdefgxyzabcdefgxyzabcdefgxyzabcd, & + vabcdefgxyzabcdefgxyzabcdefgxyzabcdefgxyzabcdefgxyzabcd) + type (tabcdefgxyzabcdefgxyzabcdefgxyzabcdefgxyzabcdefgxyzabcd), intent(in) :: & + uabcdefgxyzabcdefgxyzabcdefgxyzabcdefgxyzabcdefgxyzabcd, & + vabcdefgxyzabcdefgxyzabcdefgxyzabcdefgxyzabcdefgxyzabcd + end +end +subroutine p2 + use m2bcdefgxyzabcdefgxyzabcdefgxyzabcdefgxyzabcdefgxyzabcd + type (tabcdefgxyzabcdefgxyzabcdefgxyzabcdefgxyzabcdefgxyzabcd) :: & + uabcdefgxyzabcdefgxyzabcdefgxyzabcdefgxyzabcdefgxyzabcd, & + vabcdefgxyzabcdefgxyzabcdefgxyzabcdefgxyzabcdefgxyzabcd + wabcdefgxyzabcdefgxyzabcdefgxyzabcdefgxyzabcdefgxyzabcd = & + uabcdefgxyzabcdefgxyzabcdefgxyzabcdefgxyzabcdefgxyzabcd & + .oabcdefgxyzabcdefgxyzabcdefgxyzabcdefgxyzabcdefgxyzabcd. & + vabcdefgxyzabcdefgxyzabcdefgxyzabcdefgxyzabcdefgxyzabcd +end + + +module m3bcdefgxyzabcdefgxyzabcdefgxyzabcdefgxyzabcdefgxyzabcdefgxyzab + type tabcdefgxyzabcdefgxyzabcdefgxyzabcdefgxyzabcdefgxyzabcdefgxyzab + end type + interface operator (.oabcdefgxyzabcdefgxyzabcdefgxyzabcdefgxyzabcdefgxyzabcdefgxyzab.) + procedure fabcdefgxyzabcdefgxyzabcdefgxyzabcdefgxyzabcdefgxyzabcdefgxyzab + end interface +contains + function fabcdefgxyzabcdefgxyzabcdefgxyzabcdefgxyzabcdefgxyzabcdefgxyzab & + (uabcdefgxyzabcdefgxyzabcdefgxyzabcdefgxyzabcdefgxyzabcdefgxyzab, & + vabcdefgxyzabcdefgxyzabcdefgxyzabcdefgxyzabcdefgxyzabcdefgxyzab) + type (tabcdefgxyzabcdefgxyzabcdefgxyzabcdefgxyzabcdefgxyzabcdefgxyzab), intent(in) :: & + uabcdefgxyzabcdefgxyzabcdefgxyzabcdefgxyzabcdefgxyzabcdefgxyzab, & + vabcdefgxyzabcdefgxyzabcdefgxyzabcdefgxyzabcdefgxyzabcdefgxyzab + end +end +subroutine p3 + use m3bcdefgxyzabcdefgxyzabcdefgxyzabcdefgxyzabcdefgxyzabcdefgxyzab + type (tabcdefgxyzabcdefgxyzabcdefgxyzabcdefgxyzabcdefgxyzabcdefgxyzab) :: & + uabcdefgxyzabcdefgxyzabcdefgxyzabcdefgxyzabcdefgxyzabcdefgxyzab, & + vabcdefgxyzabcdefgxyzabcdefgxyzabcdefgxyzabcdefgxyzabcdefgxyzab + wabcdefgxyzabcdefgxyzabcdefgxyzabcdefgxyzabcdefgxyzabcdefgxyzab = & + uabcdefgxyzabcdefgxyzabcdefgxyzabcdefgxyzabcdefgxyzabcdefgxyzab & + .oabcdefgxyzabcdefgxyzabcdefgxyzabcdefgxyzabcdefgxyzabcdefgxyzab. & + vabcdefgxyzabcdefgxyzabcdefgxyzabcdefgxyzabcdefgxyzabcdefgxyzab +end + +program main + call p1 + call p2 + call p3 +end --------------8A7B5E51A07CEBDB25552CC6--