http://llvm.org/bugs/show_bug.cgi?id=9256
Summary: clang: support for kernel code model: pointer
arithmetic that overflows is not impossible!
Product: clang
Version: trunk
Platform: PC
OS/Version: Linux
Status: NEW
Severity: normal
Priority: P
Component: -New Bugs
AssignedTo: [email protected]
ReportedBy: [email protected]
CC: [email protected]
Depends on: 4068
Just a reminder that the kernel's lib/vsprintf.c still needs this patch, because
pointer arithmetic overflows, and clang's optimizer assumes pointer arithmetic
never overflows.
In the kernel it is very much possible to overflow, and we must calculate the
correct value, because it is then used in an 'if' for bounds checking.
diff --git a/lib/vsprintf.c b/lib/vsprintf.c
index c150d3d..8791762 100644
--- a/lib/vsprintf.c
+++ b/lib/vsprintf.c
@@ -1294,7 +1294,10 @@ int vsnprintf(char *buf, size_t size, const char *fmt,
va_list args)
return 0;
str = buf;
- end = buf + size;
+ /* LLVM local */
+ end = RELOC_HIDE(buf, size);
+ /* LLVM local end */
+
/* Make sure end is always >= buf */
if (end < buf) {
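Review bot: the replacement line `end = RELOC_HIDE(buf, size);` is explained only by the `/* LLVM local */` markers, which do not say why the plain `buf + size` was a problem. Replace them with a one-line comment stating that the sum may wrap and that the `if (end < buf)` check below relies on the wrapped value, so that nobody later reverts it to ordinary pointer arithmetic. The name RELOC_HIDE also points at relocation handling rather than overflow, so an explicit integer computation such as `end = (char *)((unsigned long)buf + size);` would state the intent more directly. The bare `+` blank line added before `/* Make sure end is always >= buf */` is unrelated whitespace and can be dropped.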
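The bounds check the report describes, written with unsigned integer arithmetic so that the wrap is defined behaviour, next to the pointer form the optimizer may fold away. This is an added example, not code from the kernel or from the patch; `struct span`, `naive_end_wraps`, `clamp_span`, the sample addresses and the clamp-to-top-of-address-space policy are assumptions of this sketch.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical result type: kept as integers so that no out-of-range
 * pointer is ever formed. */
struct span { uintptr_t end; size_t size; };

/* Pointer form, as in the line the patch removes. If buf + size leaves the
 * object, the addition is undefined, so an optimizer is entitled to treat
 * "end < buf" as always false and delete whatever the check guards. */
static int naive_end_wraps(const char *buf, size_t size)
{
    const char *end = buf + size;
    return end < buf;
}

/* Integer form: unsigned arithmetic wraps modulo 2^N by definition, so the
 * comparison cannot be assumed away. The clamp policy is an assumption;
 * the page shows only the check itself. */
static struct span clamp_span(uintptr_t buf, size_t size)
{
    struct span s = { buf + (uintptr_t)size, size };

    if (s.end < buf) {                  /* sum wrapped past the top */
        s.end = UINTPTR_MAX;
        s.size = (size_t)(s.end - buf); /* bytes left up to the top */
    }
    return s;
}

int main(void)
{
    char local[16];
    /* Constructed inputs: a buffer 15 bytes below the top of the address
     * space with a "no limit" size, then an ordinary in-range pair. */
    struct span w = clamp_span(UINTPTR_MAX - 15, SIZE_MAX);
    struct span n = clamp_span((uintptr_t)0x1000, 64);

    printf("wrapped:  size clamped to %zu\n", w.size);
    printf("in range: size kept at %zu\n", n.size);
    /* Only called with an in-bounds size; anything larger is undefined. */
    printf("naive check on valid input: %d\n",
           naive_end_wraps(local, sizeof local));
    return 0;
}
```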