public inbox for gcc-cvs@sourceware.org help / color / mirror / Atom feed
From: William Schmidt <wschmidt@gcc.gnu.org> To: gcc-cvs@gcc.gnu.org Subject: [gcc r12-3097] rs6000: Avoid buffer overruns Date: Mon, 23 Aug 2021 21:00:45 +0000 (GMT) [thread overview] Message-ID: <20210823210045.82C4E3858C2C@sourceware.org> (raw) https://gcc.gnu.org/g:30c335ac44ecb4f17645925360177618763d7c48 commit r12-3097-g30c335ac44ecb4f17645925360177618763d7c48 Author: Bill Schmidt <wschmidt@linux.ibm.com> Date: Thu Aug 19 16:07:55 2021 -0500 rs6000: Avoid buffer overruns 2021-08-19 Bill Schmidt <wschmidt@linux.ibm.com> gcc/ PR target/101830 * config/rs6000/rs6000-gen-builtins.c (consume_whitespace): Diagnose buffer overrun. (safe_inc_pos): Fix overrun detection. (match_identifier): Diagnose buffer overrun. (match_integer): Likewise. (match_to_right_bracket): Likewise. Diff: --- gcc/config/rs6000/rs6000-gen-builtins.c | 34 +++++++++++++++++++++++++++++---- 1 file changed, 30 insertions(+), 4 deletions(-) diff --git a/gcc/config/rs6000/rs6000-gen-builtins.c b/gcc/config/rs6000/rs6000-gen-builtins.c index e5d3b71b622..05b2d2939b5 100644 --- a/gcc/config/rs6000/rs6000-gen-builtins.c +++ b/gcc/config/rs6000/rs6000-gen-builtins.c @@ -597,6 +597,13 @@ consume_whitespace (void) { while (pos < LINELEN && isspace(linebuf[pos]) && linebuf[pos] != '\n') pos++; + + if (pos >= LINELEN) + { + diag ("line length overrun at %d.\n", pos); + exit (1); + } + return; } @@ -623,7 +630,7 @@ advance_line (FILE *file) static inline void safe_inc_pos (void) { - if (pos++ >= LINELEN) + if (++pos >= LINELEN) { (*diag) ("line length overrun.\n"); exit (1); @@ -636,9 +643,16 @@ static char * match_identifier (void) { int lastpos = pos - 1; - while (isalnum (linebuf[lastpos + 1]) || linebuf[lastpos + 1] == '_') + while (lastpos < LINELEN - 1 + && (isalnum (linebuf[lastpos + 1]) || linebuf[lastpos + 1] == '_')) ++lastpos; + if (lastpos >= LINELEN - 1) + { + diag ("line length overrun at %d.\n", lastpos); + exit (1); + } + if (lastpos < pos) return 0; @@ -660,9 +674,15 @@ match_integer (void) safe_inc_pos (); int lastpos = pos - 1; - while (isdigit (linebuf[lastpos + 1])) + while (lastpos < LINELEN - 1 && isdigit (linebuf[lastpos + 1])) ++lastpos; + if (lastpos >= LINELEN - 1) + { + diag ("line length overrun at %d.\n", lastpos); + exit (1); + } + if (lastpos < pos) return NULL; @@ -680,7 +700,7 @@ static const char * match_to_right_bracket (void) { int lastpos = pos - 1; - while (linebuf[lastpos + 1] != ']') + while (lastpos < LINELEN - 1 && linebuf[lastpos + 1] != ']') { if (linebuf[lastpos + 1] == '\n') { @@ -690,6 +710,12 @@ match_to_right_bracket (void) ++lastpos; } + if (lastpos >= LINELEN - 1) + { + diag ("line length overrun at %d.\n", lastpos); + exit (1); + } + if (lastpos < pos) return 0;
reply other threads:[~2021-08-23 21:00 UTC|newest] Thread overview: [no followups] expand[flat|nested] mbox.gz Atom feed
Reply instructions: You may reply publicly to this message via plain-text email using any one of the following methods: * Save the following mbox file, import it into your mail client, and reply-to-all from there: mbox Avoid top-posting and favor interleaved quoting: https://en.wikipedia.org/wiki/Posting_style#Interleaved_style * Reply using the --to, --cc, and --in-reply-to switches of git-send-email(1): git send-email \ --in-reply-to=20210823210045.82C4E3858C2C@sourceware.org \ --to=wschmidt@gcc.gnu.org \ --cc=gcc-cvs@gcc.gnu.org \ /path/to/YOUR_REPLY https://kernel.org/pub/software/scm/git/docs/git-send-email.html * If your mail client supports setting the In-Reply-To header via mailto: links, try the mailto: linkBe sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox; as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).