public inbox for gcc-bugs@sourceware.org
help / color / mirror / Atom feed
* [Bug preprocessor/14461] New: preprocessor cause buffer overflow
@ 2004-03-06 17:57 kutara at sayuri dot ne dot jp
2004-03-06 18:43 ` [Bug preprocessor/14461] " pinskia at gcc dot gnu dot org
2004-03-06 23:45 ` zack at gcc dot gnu dot org
0 siblings, 2 replies; 3+ messages in thread
From: kutara at sayuri dot ne dot jp @ 2004-03-06 17:57 UTC (permalink / raw)
To: gcc-bugs
Preprocessor allocate buffer using mmap() or malloc() for reading include files
at cppfiles.c / read_include_file().
When using malloc(), the buffer can be NUL-terminated.
But using mmap(), the buffer cannot be NUL-terminated.
Almost implementation of mmap() are NUL-terminated after the mmap()ed file data.
But XFS(SGI's file system) on Linux is different.
So everywhere reading buffer like 'buffer->cur++', must check buffer overflow.
For example, at cpplex.c / _cpp_lex_direct(),
> skipped_white:
+ if( buffer->cur > buffer->rlimit )
+ c = '\0';
+ else
> c = *buffer->cur++;
> result->col = CPP_BUF_COLUMN (buffer, buffer->cur);
--
Summary: preprocessor cause buffer overflow
Product: gcc
Version: 3.3.3
Status: UNCONFIRMED
Severity: normal
Priority: P2
Component: preprocessor
AssignedTo: unassigned at gcc dot gnu dot org
ReportedBy: kutara at sayuri dot ne dot jp
CC: gcc-bugs at gcc dot gnu dot org
GCC build triplet: i686-pc-linux-gnu
GCC host triplet: i686-pc-linux-gnu
GCC target triplet: i686-pc-linux-gnu
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=14461
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2004-03-06 23:45 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2004-03-06 17:57 [Bug preprocessor/14461] New: preprocessor cause buffer overflow kutara at sayuri dot ne dot jp
2004-03-06 18:43 ` [Bug preprocessor/14461] " pinskia at gcc dot gnu dot org
2004-03-06 23:45 ` zack at gcc dot gnu dot org
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).