From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: by sourceware.org (Postfix, from userid 1962) id 73383383D803; Tue, 14 Jun 2022 09:08:25 +0000 (GMT) DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org 73383383D803 MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Content-Type: text/plain; charset="utf-8" From: Stefan Liebler To: glibc-cvs@sourceware.org Subject: [glibc] Avoid -Wstringop-overflow= warning in iconv module. X-Act-Checkin: glibc X-Git-Author: Stefan Liebler X-Git-Refname: refs/heads/master X-Git-Oldrev: fdaf78656fb6cc7caeb7b4e37068e8a8bf4dc639 X-Git-Newrev: 876cdf517d1c464ce3d8f7eaf4199565e5592f16 Message-Id: <20220614090825.73383383D803@sourceware.org> Date: Tue, 14 Jun 2022 09:08:25 +0000 (GMT) X-BeenThere: glibc-cvs@sourceware.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Glibc-cvs mailing list List-Unsubscribe: , List-Archive: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 14 Jun 2022 09:08:25 -0000 https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=876cdf517d1c464ce3d8f7eaf4199565e5592f16 commit 876cdf517d1c464ce3d8f7eaf4199565e5592f16 Author: Stefan Liebler Date: Fri Jun 3 14:52:51 2022 +0200 Avoid -Wstringop-overflow= warning in iconv module. On s390x when compiling with GCC 12, I get this warning: utf8-utf16-z9.c: ../iconv/loop.c: In function ‘__from_utf8_loop_etf3eh_single’: ../iconv/loop.c:445:22: error: writing 1 byte into a region of size 0 [-Werror=stringop-overflow=] 445 | bytebuf[inlen++] = *inptr++; | ~~~~~~~~~~~~~~~~~^~~~~~~~~~ ../iconv/loop.c:381:17: note: at offset 4 into destination object ‘bytebuf’ of size 4 381 | unsigned char bytebuf[MAX_NEEDED_INPUT]; | ^~~~~~~ ../iconv/loop.c:445:22: error: writing 1 byte into a region of size 0 [-Werror=stringop-overflow=] 445 | bytebuf[inlen++] = *inptr++; | ~~~~~~~~~~~~~~~~~^~~~~~~~~~ ../iconv/loop.c:381:17: note: at offset 5 into destination object ‘bytebuf’ of size 4 381 | unsigned char bytebuf[MAX_NEEDED_INPUT]; | ^~~~~~~ This patch tells the compiler that inend is always behind inptr which avoids the warning. Note that the SINGLE function is only used to implement the mb*towc*() or wc*tomb*() functions. Those functions use inptr and inend pointing to a variable on stack, compute the inend pointer or explicitly check the arguments which always leads to inptr < inend. Special notes for backporters (according to Siddhesh Poyarekar): If someone wants to backport this patch to release branches, they should also backport the following wcrtomb change. Otherwise the assumptions assumed by this patch are not true. commit 9bcd12d223a8990254b65e2dada54faa5d2742f3 Author: Siddhesh Poyarekar Date: Fri May 13 19:10:15 2022 +0530 wcrtomb: Make behavior POSIX compliant Reviewed-by: Siddhesh Poyarekar Diff: --- iconv/loop.c | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/iconv/loop.c b/iconv/loop.c index f8727a637a..09ade3b765 100644 --- a/iconv/loop.c +++ b/iconv/loop.c @@ -435,11 +435,17 @@ SINGLE(LOOPFCT) (struct __gconv_step *step, return __GCONV_FULL_OUTPUT; /* Now add characters from the normal input buffer. */ - if (inlen >= MAX_NEEDED_INPUT) + if (inlen >= MAX_NEEDED_INPUT || inptr >= inend) /* Avoid a -Wstringop-overflow= warning when this loop is unrolled. The compiler cannot otherwise see that this is unreachable because it depends on (state->__count & 7) not - being too large after a previous conversion step. */ + being too large after a previous conversion step. + Starting with GCC 12, we also have mark the inptr >= inend + case as unreachable to omit the warning. Note that this SINGLE + function is only used to implement the mb*towc*() or wc*tomb*() + functions. Those functions use inptr and inend pointing to a + variable on stack, compute the inend pointer or explicitly check + the arguments which always leads to inptr < inend. */ __builtin_unreachable (); do bytebuf[inlen++] = *inptr++;