public inbox for gcc-bugs@sourceware.org help / color / mirror / Atom feed
* [Bug sanitizer/113304] New: zero-length array and bound checking error
@ 2024-01-10 8:11 marcandre.lureau at gmail dot com
2024-01-10 8:27 ` [Bug sanitizer/113304] " pinskia at gcc dot gnu.org
2024-01-10 8:30 ` pinskia at gcc dot gnu.org
0 siblings, 2 replies; 3+ messages in thread
From: marcandre.lureau at gmail dot com @ 2024-01-10 8:11 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=113304
Bug ID: 113304
Summary: zero-length array and bound checking error
Product: gcc
Version: 13.2.1
Status: UNCONFIRMED
Severity: normal
Priority: P3
Component: sanitizer
Assignee: unassigned at gcc dot gnu.org
Reporter: marcandre.lureau at gmail dot com
CC: dodji at gcc dot gnu.org, dvyukov at gcc dot gnu.org,
jakub at gcc dot gnu.org, kcc at gcc dot gnu.org, marxin at gcc dot gnu.org
Target Milestone: ---
gcc (GCC) 13.2.1 20231205 (Red Hat 13.2.1-6)
gcc -fsanitize=bounds-strict -lubsan test.c
test.c:6:11: runtime error: index 3 out of bounds for type 'int [*]'
typedef struct BN {
int d[0];
} BN;
void test(BN *foo) {
foo->d[3] = 0;
}
int main(int argc, char *argv[])
{
struct BN {
int d[4];
} foo;
test((BN *)&foo);
return 0;
}
This coding style is used in bignum libraries, such as libtpms BN
implementation. Is this incompatible with bounds-strict usage?
^ permalink raw reply [flat|nested] 3+ messages in thread* [Bug sanitizer/113304] zero-length array and bound checking error 2024-01-10 8:11 [Bug sanitizer/113304] New: zero-length array and bound checking error marcandre.lureau at gmail dot com @ 2024-01-10 8:27 ` pinskia at gcc dot gnu.org 2024-01-10 8:30 ` pinskia at gcc dot gnu.org 1 sibling, 0 replies; 3+ messages in thread From: pinskia at gcc dot gnu.org @ 2024-01-10 8:27 UTC (permalink / raw) To: gcc-bugs https://gcc.gnu.org/bugzilla/show_bug.cgi?id=113304 Andrew Pinski <pinskia at gcc dot gnu.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Keywords| |documentation --- Comment #1 from Andrew Pinski <pinskia at gcc dot gnu.org> --- -fsanitize=bounds-strict is the basically the same as `-fsanitize=bounds -fstrict-flex-arrays=3` which says [0] is not a flexiable array either. This should be better documented though. Even -fstrict-flex-arrays needs some slightly better documentation, maybe examples will help. ^ permalink raw reply [flat|nested] 3+ messages in thread
* [Bug sanitizer/113304] zero-length array and bound checking error 2024-01-10 8:11 [Bug sanitizer/113304] New: zero-length array and bound checking error marcandre.lureau at gmail dot com 2024-01-10 8:27 ` [Bug sanitizer/113304] " pinskia at gcc dot gnu.org @ 2024-01-10 8:30 ` pinskia at gcc dot gnu.org 1 sibling, 0 replies; 3+ messages in thread From: pinskia at gcc dot gnu.org @ 2024-01-10 8:30 UTC (permalink / raw) To: gcc-bugs https://gcc.gnu.org/bugzilla/show_bug.cgi?id=113304 Andrew Pinski <pinskia at gcc dot gnu.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Ever confirmed|0 |1 Last reconfirmed| |2024-01-10 Status|UNCONFIRMED |NEW --- Comment #2 from Andrew Pinski <pinskia at gcc dot gnu.org> --- Note -fsanitize=bounds-strict ignores the attribute strict_flex_array too which is definitely not documented. Confirmed for the documentation improvement. ^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2024-01-10 8:30 UTC | newest] Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed) -- links below jump to the message on this page -- 2024-01-10 8:11 [Bug sanitizer/113304] New: zero-length array and bound checking error marcandre.lureau at gmail dot com 2024-01-10 8:27 ` [Bug sanitizer/113304] " pinskia at gcc dot gnu.org 2024-01-10 8:30 ` pinskia at gcc dot gnu.org
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox; as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).