public inbox for libc-alpha@sourceware.org
From: Carlos O'Donell <carlos@redhat.com>
To: Martin Sebor <msebor@gmail.com>, libc-alpha@sourceware.org
Subject: Re: [PATCH v2 2/5] avoid -Wuse-after-free [BZ #26779]
Date: Tue, 25 Jan 2022 12:46:54 -0500
Message-ID: <9832af8d-9d0d-d7bf-cd8b-91b73b6634df@redhat.com>
In-Reply-To: <dd903a1a-c1c9-6c4c-c7fb-384d96dfb56e@gmail.com>

On 1/24/22 19:58, Martin Sebor via Libc-alpha wrote:
> On 1/24/22 17:52, Martin Sebor wrote:
>> This is a repost of the original patch but broken down by source
>> file and with some suppression done by #pragma GCC diagnostic
>> instead of conversion to intptr_t.  It also adds fixes for
>> the same problem in the test suite that I overlooked before.
> 
> The attached patch suppresses the -Wuse-after-free instance in
> intl/localealias.c.
> 
>>
>> On 1/15/22 17:21, Martin Sebor wrote:
>>> GCC 12 features a couple of new warnings designed to detect uses
>>> of pointers made invalid by the pointees' lifetimes having ended.
>>> Building Glibc with the enhanced GCC exposes a few such uses,
>>> mostly after successful calls to realloc.  The attached patch
>>> avoids the new warnings by converting the pointers to uintptr_t
>>> first and using the converted integers instead.
>>>
>>> The patch suppresses all instances of the warning at the strictest
>>> setting (-Wuse-after-free=3), which includes even uses in equality
>>> expressions.  The default setting approved for GCC 12 is
>>> -Wuse-after-free=2, which doesn't warn on such uses to accommodate
>>> the pointer-adjustment-after-realloc idiom.  At the default setting,
>>> the changes to ldconfig.c and setenv are not necessary.
>>>
>>> Martin
>>

OK for glibc 2.35, please push this commit.

This file is shared with GNU Gettext, and the upstream gettext code still uses
pointers into the reallocated block.

Expected commit message (three lines):
~~~
intl: Avoid -Wuse-after-free [BZ #26779]

Reviewed-by: Carlos O'Donell <carlos@redhat.com>
~~~

Reviewed-by: Carlos O'Donell <carlos@redhat.com>

> diff --git a/intl/localealias.c b/intl/localealias.c
> index 3ae360f40d..b36092363a 100644
> --- a/intl/localealias.c
> +++ b/intl/localealias.c
> @@ -318,7 +318,15 @@ read_alias_file (const char *fname, int fname_len)
>  
>  		  if (string_space_act + alias_len + value_len > string_space_max)
>  		    {
> -		      /* Increase size of memory pool.  */
> +#pragma GCC diagnostic push
> +
> +#if defined __GNUC__ && __GNUC__ >= 12
> +  /* Suppress the valid GCC 12 warning until the code below is changed
> +     to avoid using pointers to the reallocated block.  */
> +#  pragma GCC diagnostic ignored "-Wuse-after-free"
> +#endif

OK. Need to use general pragma because this is shared with upstream GNU Gettext.

> +
> +		    /* Increase size of memory pool.  */
>  		      size_t new_size = (string_space_max
>  					 + (alias_len + value_len > 1024
>  					    ? alias_len + value_len : 1024));
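Review bot: the `#pragma GCC diagnostic push` at the top of the added block is outside the `#if defined __GNUC__ && __GNUC__ >= 12` guard, so every compiler sees the push (and the matching pop in the next hunk) even when nothing is ignored in between. If the unguarded form is intentional for the copy shared with gettext, say so in the comment. Otherwise put push and pop under a `__GNUC__` check so non-GNU compilers are not handed a pragma they may not recognise. Separately, the re-added `/* Increase size of memory pool.  */` line is indented two columns less than the `size_t new_size` declaration it precedes. Keeping the original indentation would leave that line unchanged and the hunk limited to the pragma block.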
> @@ -351,6 +359,8 @@ read_alias_file (const char *fname, int fname_len)
>  					   value, value_len);
>  		  string_space_act += value_len;
>  
> +#pragma GCC diagnostic pop

OK.

> +
>  		  ++nmap;
>  		  ++added;
>  		}
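Review bot: the `#pragma GCC diagnostic pop` comes only after `string_space_act += value_len;`, so together with the push at line 318 the suppression spans about forty lines of read_alias_file, including the copies into the pool, not just the statements that touch the old block after realloc. Any new use of a freed pointer added in that region will also be silenced on GCC 12 and later. Consider narrowing the push/pop to the pointer-adjustment statements, or add a short comment at the pop naming the push it closes so the extent stays visible when the function is edited.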

-- 
Cheers,
Carlos.
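
The patch comment defers the real fix "until the code below is changed to avoid using pointers to the reallocated block". One way to write a growable string pool with that property, as an added example (not glibc or gettext code; `struct pool`, `pool_add` and `demo` are hypothetical names), is to record offsets into the pool instead of pointers, so nothing derived from the old block is read after realloc:

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical string pool.  Callers keep offsets into buf, not pointers,
   so growing the pool never requires reading or adjusting a stale pointer.  */
struct pool { char *buf; size_t used, cap; };

/* Append len bytes of s plus a NUL.  Returns the offset of the copy,
   or SIZE_MAX on overflow or allocation failure (pool left unchanged).  */
static size_t pool_add (struct pool *p, const char *s, size_t len)
{
  if (len >= SIZE_MAX - p->used)
    return SIZE_MAX;                    /* used + len + 1 would overflow */
  size_t need = p->used + len + 1;
  if (need > p->cap)
    {
      size_t new_cap = need > SIZE_MAX / 2 ? need : need * 2;
      char *nb = realloc (p->buf, new_cap);
      if (nb == NULL)
        return SIZE_MAX;                /* old block is still owned by p */
      p->buf = nb;                      /* only the base changes */
      p->cap = new_cap;
    }
  size_t off = p->used;
  memcpy (p->buf + off, s, len);
  p->buf[off + len] = '\0';
  p->used = need;
  return off;
}

/* Constructed demo: store two strings, force several reallocations,
   then resolve the first two offsets against the current base.  */
static int demo (void)
{
  struct pool p = { NULL, 0, 0 };
  size_t a = pool_add (&p, "C", 1);
  size_t v = pool_add (&p, "POSIX", 5);
  int ok = a != SIZE_MAX && v != SIZE_MAX;
  for (int i = 0; ok && i < 100; i++)
    ok = pool_add (&p, "en_US.UTF-8", 11) != SIZE_MAX;
  ok = ok && strcmp (p.buf + a, "C") == 0 && strcmp (p.buf + v, "POSIX") == 0;
  free (p.buf);
  return ok;
}

int main (void) { return demo () == 1 ? 0 : 1; }
```

Offsets are turned into pointers only at the point of use, so no pointer is held across a call that may move the block and no pragma is needed at any -Wuse-after-free level.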

