Re: [PING] [PATCH] enhance buffer overflow warnings (and c/53562)

2016-12-07 Thread Martin Sebor
+ /* An anti-range implies the original variable is signed and + its lower bound is negative and the upper bound positive. + Since that means that the expression's value could be zero + nothing interesting can be inferred from this. */ I'm not sure I agree with this

Re: [PING] [PATCH] enhance buffer overflow warnings (and c/53562)

2016-12-07 Thread Jeff Law
On 11/09/2016 03:49 PM, Martin Sebor wrote: gcc-53562.diff PR c/53562 - Add -Werror= support for -D_FORTIFY_SOURCE / __builtin___memcpy_chk PR middle-end/77784 - duplicate warning for snprintf when n > object size PR middle-end/78149 - missing warning on strncpy buffer overflow due to an

Re: Ping 4 [PATCH] enhance buffer overflow warnings (and c/53562)

2016-12-05 Thread Martin Sebor
I lost track of this patch among all the others but I don't see a reply to it in the archives. https://gcc.gnu.org/ml/gcc-patches/2016-11/msg02173.html The only controversial part about this one that I recall was whether object size type 0 or 1 should be used for raw memory functions like

Ping 3 [PATCH] enhance buffer overflow warnings (and c/53562)

2016-11-21 Thread Martin Sebor
Ping: https://gcc.gnu.org/ml/gcc-patches/2016-11/msg00896.html On 11/16/2016 08:58 AM, Martin Sebor wrote: I'm still looking for a review of the patch below, first posted on 10/28 and last updated/pinged last Wednesday: https://gcc.gnu.org/ml/gcc-patches/2016-11/msg00896.html Thanks On

Re: [PATCH] enhance buffer overflow warnings (and c/53562)

2016-11-16 Thread Jeff Law
[ I'm catching up on a variety of things... So apologies if y'all have settled these issues. ] On 11/02/2016 01:32 PM, Jakub Jelinek wrote: But obviously not all levels of the warning can/should be enabled with -Wall/-Werror. There are cases which are worth warning by default (the case

Re: [PING 2] [PATCH] enhance buffer overflow warnings (and c/53562)

2016-11-16 Thread Martin Sebor
I'm still looking for a review of the patch below, first posted on 10/28 and last updated/pinged last Wednesday: https://gcc.gnu.org/ml/gcc-patches/2016-11/msg00896.html Thanks On 11/09/2016 03:49 PM, Martin Sebor wrote: The attached minor update to the patch also resolves bug 77784 that

[PING] [PATCH] enhance buffer overflow warnings (and c/53562)

2016-11-09 Thread Martin Sebor
The attached minor update to the patch also resolves bug 77784 that points out that -Wformat-length issues a warning also issued during the expansion of some of the __builtin___sprintf_chk intrinsics. Martin On 11/04/2016 02:16 PM, Martin Sebor wrote: Attached is an update to the patch that

Re: [PATCH] enhance buffer overflow warnings (and c/53562)

2016-11-06 Thread Martin Sebor
But obviously not all levels of the warning can/should be enabled with -Wall/-Werror. There are cases which are worth warning by default (the case where we want to inform the user if you reach this stmt, you'll get your program killed (will call __chk_fail)) is something that ought like before

Re: [PATCH] enhance buffer overflow warnings (and c/53562)

2016-11-04 Thread Martin Sebor
Attached is an update to the patch that takes into consideration the feedback I got. It goes back to adding just one option, -Wstringop-overflow, as in the original, while keeping the Object Size type as an argument. It uses type-1 as the default setting for string functions (strcpy et al.)

Re: [PATCH] enhance buffer overflow warnings (and c/53562)

2016-11-02 Thread Jakub Jelinek
On Wed, Nov 02, 2016 at 10:55:23AM -0600, Martin Sebor wrote: > >That's an unfair assertion in light of the numbers above. > > > >>If you want a warning for suspicious calls, sure, but > >>1) it has to be clearly worded significantly differently from how do you > >> word it, so that users really

Re: [PATCH] enhance buffer overflow warnings (and c/53562)

2016-11-02 Thread Martin Sebor
Sure, they might and in that case the warning would be a false positive. It wouldn't be the first such warning that wasn't 100% free of them. But my testing with Binutils, GCC, and the Linux kernel has exposed only 10 instances of new warnings and I don't think I saw this idiom among them. But

Re: [PATCH] enhance buffer overflow warnings (and c/53562)

2016-11-02 Thread Martin Sebor
On 11/02/2016 01:37 AM, Jakub Jelinek wrote: On Tue, Nov 01, 2016 at 08:55:03PM -0600, Martin Sebor wrote: struct S { int a, b, c, d; }; #define bos(p, t) __builtin_object_size (p, t) #define memset0(p, i, n) __builtin___memset_chk (p, i, n, bos (p, 0)) #define memset1(p, i, n)

Re: [PATCH] enhance buffer overflow warnings (and c/53562)

2016-11-02 Thread Jakub Jelinek
On Tue, Nov 01, 2016 at 08:55:03PM -0600, Martin Sebor wrote: > struct S { > int a, b, c, d; > }; > > #define bos(p, t) __builtin_object_size (p, t) > #define memset0(p, i, n) __builtin___memset_chk (p, i, n, bos (p, 0)) > #define memset1(p, i, n) __builtin___memset_chk (p, i, n, bos (p, 1)) >

Re: [PATCH] enhance buffer overflow warnings (and c/53562)

2016-11-01 Thread Martin Sebor
On 11/01/2016 01:14 PM, Jakub Jelinek wrote: On Tue, Nov 01, 2016 at 01:12:55PM -0600, Jeff Law wrote: On 11/01/2016 08:10 AM, Jakub Jelinek wrote: On Mon, Oct 31, 2016 at 08:39:15PM -0600, Martin Sebor wrote: Attached is an updated patch that works around the problem with the definition of

Re: [PATCH] enhance buffer overflow warnings (and c/53562)

2016-11-01 Thread Jakub Jelinek
On Tue, Nov 01, 2016 at 01:12:55PM -0600, Jeff Law wrote: > On 11/01/2016 08:10 AM, Jakub Jelinek wrote: > >On Mon, Oct 31, 2016 at 08:39:15PM -0600, Martin Sebor wrote: > >>Attached is an updated patch that works around the problem with > >>the definition of the NOTE_DATA macro discussed below.

Re: [PATCH] enhance buffer overflow warnings (and c/53562)

2016-11-01 Thread Jeff Law
On 11/01/2016 08:10 AM, Jakub Jelinek wrote: On Mon, Oct 31, 2016 at 08:39:15PM -0600, Martin Sebor wrote: Attached is an updated patch that works around the problem with the definition of the NOTE_DATA macro discussed below. I've raised bug 78174 for it and temporarily worked around it in the

Re: [PATCH] enhance buffer overflow warnings (and c/53562)

2016-11-01 Thread Jakub Jelinek
On Mon, Oct 31, 2016 at 08:39:15PM -0600, Martin Sebor wrote: > Attached is an updated patch that works around the problem with > the definition of the NOTE_DATA macro discussed below. I've > raised bug 78174 for it and temporarily worked around it in > the patch. I'll see if I can come up with

Re: [PATCH] enhance buffer overflow warnings (and c/53562)

2016-10-31 Thread Martin Sebor
Attached is an updated patch that works around the problem with the definition of the NOTE_DATA macro discussed below. I've raised bug 78174 for it and temporarily worked around it in the patch. I'll see if I can come up with a patch to fix the macro the "right way" but would prefer to do that

Re: [PATCH] enhance buffer overflow warnings (and c/53562)

2016-10-31 Thread Martin Sebor
On 10/31/2016 06:39 AM, Tobias Burnus wrote: Martin Sebor wrote: Attached is an updated patch that adds checks for excessive sizes and bounds (those in excess of SIZE_MAX / 2), and also enables the same checking for strcat and strncat. This version also fixes an issue with the interpretation

Re: [PATCH] enhance buffer overflow warnings (and c/53562)

2016-10-31 Thread Tobias Burnus
Martin Sebor wrote: > Attached is an updated patch that adds checks for excessive sizes > and bounds (those in excess of SIZE_MAX / 2), and also enables > the same checking for strcat and strncat. This version also > fixes an issue with the interpretation of anti-ranges in the > first patch.

Re: [PATCH] enhance buffer overflow warnings (and c/53562)

2016-10-30 Thread Martin Sebor
Attached is an updated patch that adds checks for excessive sizes and bounds (those in excess of SIZE_MAX / 2), and also enables the same checking for strcat and strncat. This version also fixes an issue with the interpretation of anti-ranges in the first patch. The improvements exposed two

[PATCH] enhance buffer overflow warnings (and c/53562)

2016-10-27 Thread Martin Sebor
The attached patch enhances the compile-time detection of buffer overflow in functions like __builtin___memcpy_chk to consider non-constant lengths known to be in a certain range and warn when the lower bound of the range doesn't fit in the destination object. The patch does the same thing for