From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <jason@sourceware.org>
Received: by sourceware.org (Postfix, from userid 2122)
 id 402C93858D39; Sat, 11 Dec 2021 04:58:24 +0000 (GMT)
DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org 402C93858D39
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Type: text/plain; charset="utf-8"
From: Jason Merrill <jason@gcc.gnu.org>
To: gcc-cvs@gcc.gnu.org, libstdc++-cvs@gcc.gnu.org
Subject: [gcc r12-5906] libstdc++: check length in string append [PR103534]
X-Act-Checkin: gcc
X-Git-Author: Jason Merrill <jason@redhat.com>
X-Git-Refname: refs/heads/master
X-Git-Oldrev: 0bceef1671adee52e9cc409d82e5f5590fed8d45
X-Git-Newrev: 2e8067041d1d69da02bd7578f58abc11eb35a04b
Message-Id: <20211211045824.402C93858D39@sourceware.org>
Date: Sat, 11 Dec 2021 04:58:24 +0000 (GMT)
X-BeenThere: libstdc++-cvs@gcc.gnu.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Libstdc++-cvs mailing list <libstdc++-cvs.gcc.gnu.org>
List-Unsubscribe: <https://gcc.gnu.org/mailman/options/libstdc++-cvs>,
 <mailto:libstdc++-cvs-request@gcc.gnu.org?subject=unsubscribe>
List-Archive: <https://gcc.gnu.org/pipermail/libstdc++-cvs/>
List-Help: <mailto:libstdc++-cvs-request@gcc.gnu.org?subject=help>
List-Subscribe: <https://gcc.gnu.org/mailman/listinfo/libstdc++-cvs>,
 <mailto:libstdc++-cvs-request@gcc.gnu.org?subject=subscribe>
X-List-Received-Date: Sat, 11 Dec 2021 04:58:24 -0000

https://gcc.gnu.org/g:2e8067041d1d69da02bd7578f58abc11eb35a04b

commit r12-5906-g2e8067041d1d69da02bd7578f58abc11eb35a04b
Author: Jason Merrill <jason@redhat.com>
Date:   Fri Dec 10 11:21:50 2021 -0500

    libstdc++: check length in string append [PR103534]
    
    In the testcase for 103534 we get a warning about append leading to memcpy
    of a very large number of bytes overflowing the buffer.  This turns out to
    be because we weren't calling _M_check_length for string append.  Rather
    than do that directly, let's go through the public pointer append that calls
    it.
    
            PR c++/103534
    
    libstdc++-v3/ChangeLog:
    
            * include/bits/basic_string.h (append (basic_string)): Call pointer
            append instead of _M_append directly.
    
    gcc/testsuite/ChangeLog:
    
            * g++.dg/warn/Wstringop-overflow-8.C: New test.

Diff:
---
 libstdc++-v3/include/bits/basic_string.h         |  8 ++++----
 gcc/testsuite/g++.dg/warn/Wstringop-overflow-8.C | 10 ++++++++++
 2 files changed, 14 insertions(+), 4 deletions(-)

diff --git a/libstdc++-v3/include/bits/basic_string.h b/libstdc++-v3/include/bits/basic_string.h
index 4007a8d2d7c..3da2f8088ac 100644
--- a/libstdc++-v3/include/bits/basic_string.h
+++ b/libstdc++-v3/include/bits/basic_string.h
@@ -1382,7 +1382,7 @@ _GLIBCXX_BEGIN_NAMESPACE_CXX11
       _GLIBCXX20_CONSTEXPR
       basic_string&
       append(const basic_string& __str)
-      { return _M_append(__str._M_data(), __str.size()); }
+      { return this->append(__str._M_data(), __str.size()); }
 
       /**
        *  @brief  Append a substring.
@@ -1400,9 +1400,9 @@ _GLIBCXX_BEGIN_NAMESPACE_CXX11
       _GLIBCXX20_CONSTEXPR
       basic_string&
       append(const basic_string& __str, size_type __pos, size_type __n = npos)
-      { return _M_append(__str._M_data()
-			 + __str._M_check(__pos, "basic_string::append"),
-			 __str._M_limit(__pos, __n)); }
+      { return this->append(__str._M_data()
+			    + __str._M_check(__pos, "basic_string::append"),
+			    __str._M_limit(__pos, __n)); }
 
       /**
        *  @brief  Append a C substring.
diff --git a/gcc/testsuite/g++.dg/warn/Wstringop-overflow-8.C b/gcc/testsuite/g++.dg/warn/Wstringop-overflow-8.C
new file mode 100644
index 00000000000..d0ef5e73f93
--- /dev/null
+++ b/gcc/testsuite/g++.dg/warn/Wstringop-overflow-8.C
@@ -0,0 +1,10 @@
+// PR c++/103534
+// { dg-additional-options "-O -Wall" }
+
+#include <string>
+
+std::string foo(std::string x)
+{
+  // This used to get a bogus -Wstringop-overflow warning.
+  return std::string("1234567890123456") + x;
+}