From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from esa2.mentor.iphmx.com (esa2.mentor.iphmx.com [68.232.141.98]) by sourceware.org (Postfix) with ESMTPS id 77DD23858403 for ; Mon, 1 Nov 2021 22:10:49 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.4.1 sourceware.org 77DD23858403 Authentication-Results: sourceware.org; dmarc=none (p=none dis=none) header.from=codesourcery.com Authentication-Results: sourceware.org; spf=pass smtp.mailfrom=mentor.com IronPort-SDR: R6MDlSAnEBL7f9/ynt3tWKYN07DR795/Ycq1ZHwTzoc1/+A/xs97kFTC1zO2gIzCGVQuzlO+/i MkYDomhIH9QZbIsqntqmTnaJQlRROMIYUKgXykabHNlGCDPYpwOBlQcdptUP5Ute4I5J/yagst X974QXBtHwQ0hBdRv9GMKl0uij1h/MzuCA89c203cu1KjvcInaoCgt2wSnxWu8isO01tbHqWGt 0VFjZGiwQ9i+Zjch1/BD9IuKWqMXVxPShe7yhvRk3iz5q3scNwJauogHMAcgEYN7Q+GC/2AVS8 10nKJvWWqNp/bxM9YXtThfdT X-IronPort-AV: E=Sophos;i="5.87,201,1631606400"; d="scan'208";a="67916066" Received: from orw-gwy-01-in.mentorg.com ([192.94.38.165]) by esa2.mentor.iphmx.com with ESMTP; 01 Nov 2021 14:10:46 -0800 IronPort-SDR: mmbe2HeQkUjH1h9yDNgvLNPFfxuB/gOj0JsjFk0RWE7PMsgfDYJyuaSKn53Z+V/9VkdIgIFRv6 m3q2iBezs3nkuRgcS+WiIQn3yipKTdmzC7uoteE64emY6yVv4LlXOgl2xLzZ5q7yR+0ztZ0hvY 7gzpdYmszL8B/TnLuxArTCW25WktMCgI2hbNvY/lUFWOPR5SUjf5Jq2tUEs0UlwhohcYpsnZ7j epm1F2K5FV1iF/f4aXSctLNQmNi1QkzwraMfLKrgUWDkCt4Of9oRi2uxRocdFZsmeY835C4+n4 V0s= Date: Mon, 1 Nov 2021 22:10:40 +0000 From: Joseph Myers X-X-Sender: jsm28@digraph.polyomino.org.uk To: Marek Polacek CC: GCC Patches , Jakub Jelinek Subject: Re: [PATCH] libcpp: Implement -Wbidirectional for CVE-2021-42574 [PR103026] In-Reply-To: <20211101163652.36794-1-polacek@redhat.com> Message-ID: References: <20211101163652.36794-1-polacek@redhat.com> User-Agent: Alpine 2.22 (DEB 394 2020-01-19) MIME-Version: 1.0 Content-Type: text/plain; charset="US-ASCII" X-Originating-IP: [137.202.0.90] X-ClientProxiedBy: svr-ies-mbx-09.mgc.mentorg.com (139.181.222.9) To svr-ies-mbx-01.mgc.mentorg.com (139.181.222.1) X-Spam-Status: No, score=-3117.1 required=5.0 tests=BAYES_00, HEADER_FROM_DIFFERENT_DOMAINS, KAM_DMARC_STATUS, SPF_HELO_PASS, SPF_PASS, TXREP autolearn=no autolearn_force=no version=3.4.4 X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on server2.sourceware.org X-BeenThere: gcc-patches@gcc.gnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Gcc-patches mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 01 Nov 2021 22:10:53 -0000 On Mon, 1 Nov 2021, Marek Polacek via Gcc-patches wrote: > + /* We've read a bidi char, update the current vector as necessary. */ > + void on_char (kind k, bool ucn_p) > + { > + switch (k) > + { > + case kind::LRE: > + case kind::RLE: > + case kind::LRO: > + case kind::RLO: > + vec.push (ucn_p ? 3u : 1u); > + break; > + case kind::LRI: > + case kind::RLI: > + case kind::FSI: > + vec.push (ucn_p ? 2u : 0u); > + break; > + case kind::PDF: > + if (current_ctx () == kind::PDF) > + pop (); > + break; > + case kind::PDI: > + if (current_ctx () == kind::PDI) > + pop (); My understanding is that PDI should pop all intermediate PDF contexts outward to a PDI context, which it also pops. (But if it's embedded only in PDF contexts, with no PDI context containing it, it doesn't pop anything.) I think failing to handle that only means libcpp sometimes models there as being more bidirectional contexts open than there should be, so it might give spurious warnings when in fact all such contexts had been closed by end of string or comment. -- Joseph S. Myers joseph@codesourcery.com