Marius =?utf-8?q?Dörner?= <[email protected]> Message-ID: In-Reply-To: <llvm.org/llvm/llvm-project/pull/[email protected]>
https://github.com/mariusdr updated https://github.com/llvm/llvm-project/pull/180424 >From ec664c130854c7a6d5b1ff9937a5d5adb720d4b3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marius=20D=C3=B6rner?= <[email protected]> Date: Sun, 8 Feb 2026 17:57:47 +0100 Subject: [PATCH 1/2] [clang] Check upperbound for attribute param index Fixes #176638 The `ParamIdx` class encodes attribute's parameter indexes in 30 bits, check if assignments overflow and issue an "attribute parameter out of bounds" error in that case. --- clang/include/clang/AST/Attr.h | 5 ++++- clang/include/clang/Sema/Sema.h | 5 +++-- clang/test/Sema/nonnull.c | 5 +++++ 3 files changed, 12 insertions(+), 3 deletions(-) diff --git a/clang/include/clang/AST/Attr.h b/clang/include/clang/AST/Attr.h index 6c38437e88a44..45851f7392af3 100644 --- a/clang/include/clang/AST/Attr.h +++ b/clang/include/clang/AST/Attr.h @@ -275,8 +275,11 @@ class ParameterABIAttr : public InheritableParamAttr { /// A single parameter index whose accessors require each use to make explicit /// the parameter index encoding needed. class ParamIdx { +public: + constexpr static unsigned IdxBitWidth = 30; +private: // Idx is exposed only via accessors that specify specific encodings. - unsigned Idx : 30; + unsigned Idx : IdxBitWidth; LLVM_PREFERRED_TYPE(bool) unsigned HasThis : 1; LLVM_PREFERRED_TYPE(bool) diff --git a/clang/include/clang/Sema/Sema.h b/clang/include/clang/Sema/Sema.h index fe4616d89df89..14cedc36a7897 100644 --- a/clang/include/clang/Sema/Sema.h +++ b/clang/include/clang/Sema/Sema.h @@ -5186,8 +5186,9 @@ class Sema final : public SemaBase { return false; } - unsigned IdxSource = IdxInt->getLimitedValue(UINT_MAX); - if (IdxSource < 1 || + constexpr unsigned Limit = 1 << ParamIdx::IdxBitWidth; + unsigned IdxSource = IdxInt->getLimitedValue(Limit); + if (IdxSource < 1 || IdxSource == Limit || ((!IV || !CanIndexVariadicArguments) && IdxSource > NumParams)) { Diag(getAttrLoc(AI), diag::err_attribute_argument_out_of_bounds) << &AI << AttrArgNum << IdxExpr->getSourceRange(); diff --git a/clang/test/Sema/nonnull.c b/clang/test/Sema/nonnull.c index 0b30243f21d58..9f3ce2623480f 100644 --- a/clang/test/Sema/nonnull.c +++ b/clang/test/Sema/nonnull.c @@ -176,3 +176,8 @@ void pr30828(char *p) {} void call_pr30828(void) { pr30828(0); // expected-warning {{null passed to a callee that requires a non-null argument}} } + +void gh176638_1(int (*g)(const char *h, ...) __attribute__((nonnull(2147483648))) __attribute__((nonnull))) {} // expected-error {{attribute parameter 1 is out of bounds}} +void gh176638_2(int (*g)(const char *h, ...) __attribute__((nonnull(1073741825))) __attribute__((nonnull))) {} // expected-error {{attribute parameter 1 is out of bounds}} +void gh176638_3(int (*g)(const char *h, ...) __attribute__((nonnull(1073741824))) __attribute__((nonnull))) {} // expected-error {{attribute parameter 1 is out of bounds}} +void gh176638_4(int (*g)(const char *h, ...) __attribute__((nonnull(1073741823))) __attribute__((nonnull))) {} // no-warning >From aeab9589d3d3d23cf897d518a22f1f56f819bdb2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marius=20D=C3=B6rner?= <[email protected]> Date: Sun, 8 Feb 2026 18:14:04 +0100 Subject: [PATCH 2/2] format --- clang/include/clang/AST/Attr.h | 1 + 1 file changed, 1 insertion(+) diff --git a/clang/include/clang/AST/Attr.h b/clang/include/clang/AST/Attr.h index 45851f7392af3..0f9fc01391c30 100644 --- a/clang/include/clang/AST/Attr.h +++ b/clang/include/clang/AST/Attr.h @@ -277,6 +277,7 @@ class ParameterABIAttr : public InheritableParamAttr { class ParamIdx { public: constexpr static unsigned IdxBitWidth = 30; + private: // Idx is exposed only via accessors that specify specific encodings. unsigned Idx : IdxBitWidth; _______________________________________________ cfe-commits mailing list [email protected] https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
