[Bug middle-end/84831] Invalid memory read in parse_output_constraint

2018-03-13 Thread jakub at gcc dot gnu.org
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=84831

Jakub Jelinek  changed:

   What          |Removed                       |Added

   Status        |ASSIGNED                      |RESOLVED
   Resolution    |---                           |FIXED

--- Comment #7 from Jakub Jelinek  ---
Fixed.

[Bug middle-end/84831] Invalid memory read in parse_output_constraint

2018-03-13 Thread jakub at gcc dot gnu.org
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=84831

--- Comment #6 from Jakub Jelinek  ---
Author: jakub
Date: Tue Mar 13 08:12:07 2018
New Revision: 258478

URL: https://gcc.gnu.org/viewcvs?rev=258478&root=gcc&view=rev
Log:
PR middle-end/84831
* stmt.c (parse_output_constraint): If the CONSTRAINT_LEN (*p, p)
characters starting at p contain '\0' character, don't look beyond
that.

Modified:
trunk/gcc/ChangeLog
trunk/gcc/stmt.c

[Bug middle-end/84831] Invalid memory read in parse_output_constraint

2018-03-12 Thread hjl.tools at gmail dot com
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=84831

--- Comment #5 from H.J. Lu  ---
(In reply to Jakub Jelinek from comment #4)
> diff -upbd of that for better readability.
> 
> --- gcc/stmt.c.jj 2018-01-03 10:19:55.150533956 +0100
> +++ gcc/stmt.c2018-03-12 13:25:03.790733765 +0100
> @@ -247,7 +247,8 @@ parse_output_constraint (const char **co
>  }
>  
>/* Loop through the constraint string.  */
> -  for (p = constraint + 1; *p; p += CONSTRAINT_LEN (*p, p))
> +  for (p = constraint + 1; *p; )
> +{
>  switch (*p)
>{
>case '+':
> @@ -304,6 +305,11 @@ parse_output_constraint (const char **co
>   break;
>}
>  
> +  for (size_t len = CONSTRAINT_LEN (*p, p); len; len--, p++)
> + if (*p == '\0')
> +   break;
> +}
> +
>return true;
>  }
>  
> 

Both patches should work.  I have no preference.  Thanks.

[Bug middle-end/84831] Invalid memory read in parse_output_constraint

2018-03-12 Thread jakub at gcc dot gnu.org
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=84831

--- Comment #4 from Jakub Jelinek  ---
diff -upbd of that for better readability.

--- gcc/stmt.c.jj   2018-01-03 10:19:55.150533956 +0100
+++ gcc/stmt.c  2018-03-12 13:25:03.790733765 +0100
@@ -247,7 +247,8 @@ parse_output_constraint (const char **co
 }

   /* Loop through the constraint string.  */
-  for (p = constraint + 1; *p; p += CONSTRAINT_LEN (*p, p))
+  for (p = constraint + 1; *p; )
+{
 switch (*p)
   {
   case '+':
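
Review bot: with the advance removed from the for header here, a `continue` anywhere inside the switch body (the part of the loop between this hunk and the next, not shown) would re-enter the loop with p unchanged and spin forever; worth confirming the body has none, or stating in a comment above `for (p = constraint + 1; *p; )` that the body must fall through to the trailing advance.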
@@ -304,6 +305,11 @@ parse_output_constraint (const char **co
break;
   }

+  for (size_t len = CONSTRAINT_LEN (*p, p); len; len--, p++)
+   if (*p == '\0')
+ break;
+}
+
   return true;
 }
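
Review bot: the inner loop stops on the first '\0' but leaves p pointing at it and relies on the outer `*p` test to terminate; that is correct but non-obvious, so a comment above `for (size_t len = CONSTRAINT_LEN (*p, p); len; len--, p++)` saying that a CONSTRAINT_LEN-sized step must never cross the terminator would stop a later reader from "simplifying" it back to `p += CONSTRAINT_LEN (*p, p)` and reintroducing the invalid read.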


Note, I was wrong about insufficient, your patch was sufficient, I was
initially also changing parse_input_constraint but it turned out to be
unnecessary.
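The two fix variants in this thread, modelled as an added stand-alone example. This is not GCC's stmt.c and not either author's patch: `constraint_len()` is a hypothetical stand-in for the target-specific CONSTRAINT_LEN macro, in which 'Y' begins a two-character constraint, so "=Y" is a truncated constraint string. `original_step_overruns()` reports, on indices rather than by dereferencing, whether the pre-fix `p += CONSTRAINT_LEN (*p, p)` advance would land beyond the terminating NUL; `fixed_walk()` uses the byte-at-a-time step from comment #4, and `bounded_walk()` the `constraint_end` check from comment #1.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical stand-in for GCC's target-specific CONSTRAINT_LEN (*p, p):
   'Y' begins a two-character constraint ("Yz"), everything else is one
   character.  A string such as "=Y" is therefore a truncated constraint. */
static size_t constraint_len(char c)
{
    return c == 'Y' ? 2 : 1;
}

/* Pre-fix advance, p += CONSTRAINT_LEN (*p, p), evaluated on indices so this
   model never dereferences past the string.  Returns 1 if some step would
   land strictly beyond the terminating NUL, i.e. the loop's next '*p' test
   would be the invalid read reported in this PR; 0 otherwise. */
static int original_step_overruns(const char *constraint)
{
    size_t n = strlen(constraint);              /* index of the NUL */
    for (size_t i = 1; i < n; i += constraint_len(constraint[i]))
        if (i + constraint_len(constraint[i]) > n)
            return 1;
    return 0;
}

/* Comment #4 / r258478 shape: advance byte by byte for CONSTRAINT_LEN
   bytes and stop at the first '\0'.  The outer '*p' test then ends the
   loop.  Returns how many constraint characters were dispatched (GCC's
   switch (*p) would run once per outer iteration). */
static size_t fixed_walk(const char *constraint)
{
    const char *p;
    size_t dispatched = 0;

    for (p = constraint + 1; *p; )
    {
        dispatched++;                           /* switch (*p) goes here */
        for (size_t len = constraint_len(*p); len; len--, p++)
            if (*p == '\0')
                break;
    }
    return dispatched;
}

/* Comment #1 shape: keep the CONSTRAINT_LEN-sized step but refuse to test
   '*p' once p has moved past the terminator located by strlen. */
static size_t bounded_walk(const char *constraint)
{
    const char *p;
    size_t dispatched = 0;
    const char *constraint_end = constraint + strlen(constraint);

    for (p = constraint + 1;
         p <= constraint_end && *p;
         p += constraint_len(*p))
        dispatched++;                           /* switch (*p) goes here */
    return dispatched;
}

int main(void)
{
    /* Constructed inputs: complete, truncated, and multi-constraint. */
    const char *inputs[] = { "=r", "=Yz", "=Y", "=rYzm" };
    for (size_t i = 0; i < sizeof inputs / sizeof inputs[0]; i++)
        printf("%-6s overruns=%d fixed=%zu bounded=%zu\n", inputs[i],
               original_step_overruns(inputs[i]),
               fixed_walk(inputs[i]), bounded_walk(inputs[i]));
    return 0;
}
```

Only the truncated "=Y" makes the original advance overrun; both fixed walks dispatch the same number of constraint characters on every input while never testing a byte beyond the NUL.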

[Bug middle-end/84831] Invalid memory read in parse_output_constraint

2018-03-12 Thread jakub at gcc dot gnu.org
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=84831

--- Comment #3 from Jakub Jelinek  ---
Created attachment 43630
  --> https://gcc.gnu.org/bugzilla/attachment.cgi?id=43630&action=edit
gcc8-pr84831.patch

Untested fix (large only because of the reindentation).

[Bug middle-end/84831] Invalid memory read in parse_output_constraint

2018-03-12 Thread jakub at gcc dot gnu.org
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=84831

Jakub Jelinek  changed:

   What          |Removed                       |Added

   Status        |NEW                           |ASSIGNED
   CC            |                              |jakub at gcc dot gnu.org
   Assignee      |unassigned at gcc dot gnu.org |jakub at gcc dot gnu.org

--- Comment #2 from Jakub Jelinek  ---
That is not efficient and is insufficient.  I'll handle this.

[Bug middle-end/84831] Invalid memory read in parse_output_constraint

2018-03-12 Thread hjl.tools at gmail dot com
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=84831

H.J. Lu  changed:

   What          |Removed                       |Added

   Status        |UNCONFIRMED                   |NEW
   Last reconfirmed|                            |2018-03-12
   Ever confirmed|0                             |1

--- Comment #1 from H.J. Lu  ---
I am testing this:

diff --git a/gcc/stmt.c b/gcc/stmt.c
index 457fe7f6f78..3a3ff40b682 100644
--- a/gcc/stmt.c
+++ b/gcc/stmt.c
@@ -222,11 +222,12 @@ parse_output_constraint (const char **constraint_p, int
op
erand_num,
  from and written to.  */
   *is_inout = (*p == '+');

+  size_t c_len = strlen (constraint);
+
   /* Canonicalize the output constraint so that it begins with `='.  */
   if (p != constraint || *is_inout)
 {
   char *buf;
-  size_t c_len = strlen (constraint);

   if (p != constraint)
warning (0, "output constraint %qc for operand %d "
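
Review bot: `c_len` is now computed from `constraint` before the canonicalization block that declares `buf`, and the next hunk derives a bound from it; that bound is only valid if whatever the block stores back into `constraint` has exactly the original length, which this hunk does not show. Either recompute `c_len` after the block or add a comment at the hoisted `size_t c_len = strlen (constraint);` stating the length-preserving invariant it depends on.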
@@ -247,7 +248,10 @@ parse_output_constraint (const char **constraint_p, int
ope
rand_num,
 }

   /* Loop through the constraint string.  */
-  for (p = constraint + 1; *p; p += CONSTRAINT_LEN (*p, p))
+  const char *constraint_end = constraint + c_len;
+  for (p = constraint + 1;
+   p <= constraint_end && *p;
+   p += CONSTRAINT_LEN (*p, p))
 switch (*p)
   {
   case '+':
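
Review bot: `p <= constraint_end && *p` does stop the `*p` read once CONSTRAINT_LEN has stepped past the terminator, which is the invalid read this PR reports, but at `p == constraint_end` `*p` is already the NUL, so `p < constraint_end` states the intent more directly; the remaining cost is a full strlen over the constraint on every call, which is the efficiency objection in comment #2, and it can be avoided by checking for '\0' inside the CONSTRAINT_LEN-sized step rather than measuring the string up front.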