From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) by sourceware.org (Postfix) with ESMTPS id D8D9B3857727 for ; Mon, 26 Jun 2023 16:44:22 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.4.2 sourceware.org D8D9B3857727 Authentication-Results: sourceware.org; dmarc=pass (p=none dis=none) header.from=redhat.com Authentication-Results: sourceware.org; spf=pass smtp.mailfrom=redhat.com DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1687797862; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=SNyKPDqmFfeecRSxefsoi5fIz/tEikmxxzkjdcQ0gAU=; b=S0MMNg5T9P5f0AB4/0E6hmR0RNQg0ZgNs5SiqAykhc4R+cpJ33ioNuBFTKKUjEsWme23Rg g20lwoHkrIQ59XbSNlKd8pPCNsPY6eZLdzE3Dh+4Spl46weSHG+gjd4T4dL3UalImI6Of5 LAR1ZMz8q2xf9GRkrCOy6XFY0WFF+1s= Received: from mimecast-mx02.redhat.com (mx3-rdu2.redhat.com [66.187.233.73]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-517-4Wv5ld5jPfaFb-mPUuD6Zg-1; Mon, 26 Jun 2023 12:44:17 -0400 X-MC-Unique: 4Wv5ld5jPfaFb-mPUuD6Zg-1 Received: from smtp.corp.redhat.com (int-mx04.intmail.prod.int.rdu2.redhat.com [10.11.54.4]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id AE1863C13949; Mon, 26 Jun 2023 16:44:05 +0000 (UTC) Received: from localhost (unknown [10.42.28.110]) by smtp.corp.redhat.com (Postfix) with ESMTP id 79222200B677; Mon, 26 Jun 2023 16:44:05 +0000 (UTC) From: Jonathan Wakely To: libstdc++@gcc.gnu.org, gcc-patches@gcc.gnu.org Subject: [committed] libstdc++: Fix std::format for pointers [PR110239] Date: Mon, 26 Jun 2023 17:43:51 +0100 Message-ID: <20230626164404.270512-1-jwakely@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 3.1 on 10.11.54.4 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Type: text/plain Content-Transfer-Encoding: 8bit X-Spam-Status: No, score=-12.1 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH,DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,GIT_PATCH_0,RCVD_IN_DNSWL_NONE,RCVD_IN_MSPIKE_H5,RCVD_IN_MSPIKE_WL,SPF_HELO_NONE,SPF_NONE,TXREP,T_SCC_BODY_TEXT_LINE autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on server2.sourceware.org List-Id: Tested x86_64-linux. Pushed to trunk. -- >8 -- The formatter for pointers was casting to uint64_t which sign extends a 32-bit pointer and produces a value that won't fit in the provided buffer. Cast to uintptr_t instead. There was also a bug in the __parse_integer helper when converting a wide string to a narrow string in order to use std::from_chars on it. The function would always try to read 32 characters, even if the format string was shorter than that. Fix that bug, and remove the constexpr implementation of __parse_integer by just using __from_chars_alnum instead of from_chars, because that's usable in constexpr even in C++20. libstdc++-v3/ChangeLog: PR libstdc++/110239 * include/std/format (__format::__parse_integer): Fix buffer overflow for wide chars. (formatter::format): Cast to uintptr_t instead of uint64_t. * testsuite/std/format/string.cc: Test too-large widths. --- libstdc++-v3/include/std/format | 33 +++++++-------------- libstdc++-v3/testsuite/std/format/string.cc | 5 ++++ 2 files changed, 15 insertions(+), 23 deletions(-) diff --git a/libstdc++-v3/include/std/format b/libstdc++-v3/include/std/format index 96a1e62ccc8..9d5981e4882 100644 --- a/libstdc++-v3/include/std/format +++ b/libstdc++-v3/include/std/format @@ -269,39 +269,26 @@ namespace __format if (__first == __last) __builtin_unreachable(); - // TODO: use this loop unconditionally? - // Most integers used for arg-id, width or precision will be small. - if (is_constant_evaluated()) - { - auto __next = __first; - unsigned short __val = 0; - while (__next != __last && '0' <= *__next && *__next <= '9') - { - __val = (__val * 10) + (*__next - '0'); // TODO check overflow? - ++__next; - } - if (__next == __first) - return {0, nullptr}; - return {__val, __next}; - } - - unsigned short __val = 0; if constexpr (is_same_v<_CharT, char>) { - auto [ptr, ec] = std::from_chars(__first, __last, __val); - if (ec == errc{}) - return {__val, ptr}; - return {0, nullptr}; + const auto __start = __first; + unsigned short __val = 0; + // N.B. std::from_chars is not constexpr in C++20. + if (__detail::__from_chars_alnum(__first, __last, __val, 10) + && __first != __start) [[likely]] + return {__val, __first}; } else { + unsigned short __val = 0; constexpr int __n = 32; char __buf[__n]{}; - for (int __i = 0; __i < __n && __first != __last; ++__i) + for (int __i = 0; __i < __n && (__first + __i) != __last; ++__i) __buf[__i] = __first[__i]; auto [__v, __ptr] = __format::__parse_integer(__buf, __buf + __n); return {__v, __first + (__ptr - __buf)}; } + return {0, nullptr}; } template @@ -2118,7 +2105,7 @@ namespace __format typename basic_format_context<_Out, _CharT>::iterator format(const void* __v, basic_format_context<_Out, _CharT>& __fc) const { - auto __u = reinterpret_cast<__UINT64_TYPE__>(__v); + auto __u = reinterpret_cast<__UINTPTR_TYPE__>(__v); char __buf[2 + sizeof(__v) * 2]; auto [__ptr, __ec] = std::to_chars(__buf + 2, std::end(__buf), __u, 16); diff --git a/libstdc++-v3/testsuite/std/format/string.cc b/libstdc++-v3/testsuite/std/format/string.cc index e421028a873..d28135ec260 100644 --- a/libstdc++-v3/testsuite/std/format/string.cc +++ b/libstdc++-v3/testsuite/std/format/string.cc @@ -121,6 +121,11 @@ test_format_spec() // Invalid presentation types for strings. VERIFY( ! is_format_string_for("{:S}", "str") ); VERIFY( ! is_format_string_for("{:d}", "str") ); + + // Maximum integer value supported for widths and precisions is USHRT_MAX. + VERIFY( is_format_string_for("{:65535}", 1) ); + VERIFY( ! is_format_string_for("{:65536}", 1) ); + VERIFY( ! is_format_string_for("{:9999999}", 1) ); } int main() -- 2.41.0