From: Martin Sebor <msebor@gmail.com>
To: Jeff Law <law@redhat.com>, Gcc Patch List <gcc-patches@gcc.gnu.org>
Subject: Re: [PATCH 0/6] improve handling of char arrays with missing nul (PR 86552, 86711, 86714)
Date: Wed, 15 Aug 2018 14:47:00 -0000 [thread overview]
Message-ID: <0bf707ad-a28f-ab08-cdd9-28dd47a4a2eb@gmail.com> (raw)
In-Reply-To: <1deebf5b-f41f-1e2c-c278-a67017cbe201@redhat.com>
On 08/15/2018 12:02 AM, Jeff Law wrote:
> On 08/13/2018 03:23 PM, Martin Sebor wrote:
>> To make reviewing the changes easier I've split up the patch
>> into a series:
> [ ... ]
> I'm about done for the night and thus won't get into the series (and as
> you know Bernd has a competing patch in this space). But I did want to
> chime in on two things...
>
>>
>> There are many more string functions where unterminated (constant
>> or otherwise) should be diagnosed. I plan to continue to work on
>> those (with the constant ones first) but I want to post this
>> updated patch for review now, mainly so that the wrong code bug
>> (PR 86711) can be resolved and the basic detection infrastructure
>> agreed on.
> Yes, I think we definitely want to focus on the wrong code bug first.
>
>>
>> An open question in my mind is what should GCC do with such calls
>> after issuing a warning: replace them with traps? Fold them into
>> constants? Or continue to pass them through to the corresponding
>> library functions?
> My personal preference is to turn them into traps. I don't think we
> have to preserve the call itself in this case. I think the sequencing
> is to insert the trap before the call point, split the block after the
> trap, remove the outgoing edges, let DCE clean up the rest. At least I
> think that's the sequencing.
That sounds fine to me. It would be close in its effects to
what _FORTIFY_SOURCE does.
It would be helpful to get a broader consensus on this and start
adopting the same consistent solution in all contexts. The question
has come up a few times, most recently also in PR 86519 (folding
memcmp(a, "a", 3)) where GCC ends up calling the library function.
FWIW, if there are other preferences it might be worthwhile to
consider providing an option to control the behavior in these
cases. There may also be interactions with or implications for
the sanitizers to consider.
Once there is agreement on what the solution should be I can look
into implementing it at some point in the future.
Martin
next prev parent reply other threads:[~2018-08-15 14:47 UTC|newest]
Thread overview: 47+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-07-19 20:09 [PATCH] warn for strlen of arrays with missing nul (PR 86552) Martin Sebor
2018-07-25 23:38 ` PING " Martin Sebor
2018-07-30 19:18 ` Martin Sebor
2018-08-02 2:44 ` PING [PATCH] warn for strlen of arrays with missing nul (PR 86552, 86711, 86714) ) Martin Sebor
2018-08-02 13:26 ` Bernd Edlinger
2018-08-02 18:56 ` Bernd Edlinger
2018-08-02 20:34 ` Martin Sebor
2018-08-03 13:01 ` Bernd Edlinger
2018-08-03 19:59 ` Martin Sebor
2018-08-15 5:31 ` Jeff Law
2018-08-29 17:17 ` Jeff Law
2018-08-24 6:36 ` Jeff Law
2018-08-24 12:28 ` Bernd Edlinger
2018-08-24 16:04 ` Jeff Law
2018-08-24 21:56 ` Bernd Edlinger
2018-08-24 16:51 ` Jeff Law
2018-08-24 17:26 ` Bernd Edlinger
2018-08-24 23:54 ` Jeff Law
2018-08-25 6:32 ` Bernd Edlinger
2018-08-25 17:33 ` Jeff Law
2018-08-25 18:36 ` Bernd Edlinger
2018-08-25 19:02 ` Jeff Law
2018-08-25 19:32 ` Bernd Edlinger
2018-08-25 20:42 ` Martin Sebor
2018-08-26 10:20 ` Bernd Edlinger
2018-08-25 23:22 ` Jeff Law
2018-08-17 5:15 ` Jeff Law
2018-08-17 14:38 ` Martin Sebor
2018-08-13 21:23 ` [PATCH 0/6] improve handling of char arrays with missing nul (PR 86552, 86711, 86714) Martin Sebor
2018-08-13 21:25 ` [PATCH 1/6] prevent folding of unterminated const arrays in memchr calls (PR " Martin Sebor
2018-08-13 21:27 ` [PATCH 3/6] detect unterminated const arrays in strcpy calls (PR 86552) Martin Sebor
2018-08-30 22:31 ` Jeff Law
2018-08-13 21:28 ` [PATCH 4/6] detect unterminated const arrays in sprintf " Martin Sebor
2018-08-30 22:55 ` Jeff Law
2018-08-13 21:29 ` [PATCH 5/6] detect unterminated const arrays in stpcpy " Martin Sebor
2018-08-30 23:07 ` Jeff Law
2018-09-14 18:39 ` Jeff Law
2018-08-13 21:29 ` [PATCH 6/6] detect unterminated const arrays in strnlen " Martin Sebor
2018-08-30 23:25 ` Jeff Law
2018-10-01 21:49 ` Jeff Law
2018-08-14 3:21 ` [PATCH 2/6] detect unterminated const arrays in strlen " Martin Sebor
2018-08-30 22:15 ` Jeff Law
2018-08-31 2:25 ` Martin Sebor
2018-08-15 6:02 ` [PATCH 0/6] improve handling of char arrays with missing nul (PR 86552, 86711, 86714) Jeff Law
2018-08-15 14:47 ` Martin Sebor [this message]
2018-08-15 15:42 ` Jeff Law
2018-08-24 10:13 ` Richard Biener
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=0bf707ad-a28f-ab08-cdd9-28dd47a4a2eb@gmail.com \
--to=msebor@gmail.com \
--cc=gcc-patches@gcc.gnu.org \
--cc=law@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).