public inbox for gcc-cvs@sourceware.org
From: Pierre-Marie de Rodat <pmderodat@gcc.gnu.org>
To: gcc-cvs@gcc.gnu.org
Subject: [gcc r13-590] [Ada] Prevent overflow in computation of aggregate size
Date: Wed, 18 May 2022 08:43:22 +0000 (GMT)
Message-ID: <20220518084322.283903857413@sourceware.org>

https://gcc.gnu.org/g:16b8ba101f770503f363c095d7be5c055705b84b

commit r13-590-g16b8ba101f770503f363c095d7be5c055705b84b
Author: Piotr Trojanek <trojanek@adacore.com>
Date:   Thu Mar 31 20:56:58 2022 +0200

    [Ada] Prevent overflow in computation of aggregate size
    
    When computing size of a static aggregate to decide if it should be
    transformed into assignments and loops we could have an overflow check.
    This is mostly harmless, because colossal aggregates will likely crash
    the application anyway, no matter how we transform them.
    
    This was not detected because compiler was built with -gnatg switch that
    suppresses overflow checks (they are only enabled by an explicit -gnato
    switch).
    
    gcc/ada/
    
            * exp_aggr.adb (Component_Count): Calculate size as an Uint and
            only then check if it is in the range of Int, as otherwise the
            multiplication of Int values can overflow.

Diff:
---
 gcc/ada/exp_aggr.adb | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/gcc/ada/exp_aggr.adb b/gcc/ada/exp_aggr.adb
index 72f65555681..4714cab8bfa 100644
--- a/gcc/ada/exp_aggr.adb
+++ b/gcc/ada/exp_aggr.adb
@@ -661,10 +661,10 @@ package body Exp_Aggr is
 
                   declare
                      UI : constant Uint :=
-                            Expr_Value (Hi) - Expr_Value (Lo) + 1;
+                            (Expr_Value (Hi) - Expr_Value (Lo) + 1) * Siz;
                   begin
                      if UI_Is_In_Int_Range (UI) then
-                        return Siz * UI_To_Int (UI);
+                        return UI_To_Int (UI);
                      else
                         return Int'Last;
                      end if;
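
Review bot: The constant UI declared at the top of this hunk now holds the total component count (range length multiplied by Siz) instead of the range length, yet neither the declaration nor the `return Int'Last` branch carries a comment saying that the result saturates when the product does not fit in Int. A short comment on the `else` branch stating that Int'Last stands for "too large to represent" would make that contract explicit for callers that compare the count against a size limit. The diffstat shows only exp_aggr.adb changed, so no regression test accompanies the fix; given that the commit message says the overflow went unnoticed because the compiler is built with -gnatg, a testcase with a static aggregate whose range length times Siz exceeds Int'Last would help keep this path covered.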

