From: Steve Baird Date: Sat, 18 Jan 2020 06:10:13 +0000 (-0800) Subject: [Ada] Avoid buffer overflow in Long_Long_Float_Text_IO X-Git-Url: https://git.libre-soc.org/?a=commitdiff_plain;h=b5682bf40cedf95d1e0150c6a6ba7a64c59fd968;p=gcc.git [Ada] Avoid buffer overflow in Long_Long_Float_Text_IO 2020-06-04 Steve Baird gcc/ada/ * libgnat/s-imgrea.ads: Declare a named number Max_Real_Image_Length with value 5200. Provide a comment explaining why this value was chosen. * libgnat/s-imgrea.adb (Set_Image_Real): Increase the upper bound of the local String variable Digs to Max_Real_Image_Length. * libgnat/a-tiflau.adb (Put): Increase the upper bound of the local String variable Buf to Max_Real_Image_Length. (Puts): Increase the upper bound of the local String variable Buf to Max_Real_Image_Length. --- diff --git a/gcc/ada/libgnat/a-tiflau.adb b/gcc/ada/libgnat/a-tiflau.adb index 25d78ca8884..214b5c8f2c3 100644 --- a/gcc/ada/libgnat/a-tiflau.adb +++ b/gcc/ada/libgnat/a-tiflau.adb @@ -194,7 +194,7 @@ package body Ada.Text_IO.Float_Aux is Aft : Field; Exp : Field) is - Buf : String (1 .. 3 * Field'Last + 2); + Buf : String (1 .. Max_Real_Image_Length); Ptr : Natural := 0; begin @@ -212,7 +212,7 @@ package body Ada.Text_IO.Float_Aux is Aft : Field; Exp : Field) is - Buf : String (1 .. 3 * Field'Last + 2); + Buf : String (1 .. Max_Real_Image_Length); Ptr : Natural := 0; begin diff --git a/gcc/ada/libgnat/s-imgrea.adb b/gcc/ada/libgnat/s-imgrea.adb index 642724b3af7..68b1fdc6ffd 100644 --- a/gcc/ada/libgnat/s-imgrea.adb +++ b/gcc/ada/libgnat/s-imgrea.adb @@ -151,14 +151,9 @@ package body System.Img_Real is Scale : Integer; Expon : Integer; - Field_Max : constant := 255; - -- This should be the same value as Ada.[Wide_]Text_IO.Field'Last. - -- It is not worth dragging in Ada.Text_IO to pick up this value, - -- since it really should never be necessary to change it. - - Digs : String (1 .. 2 * Field_Max + 16); - -- Array used to hold digits of converted integer value. This is a - -- large enough buffer to accommodate ludicrous values of Fore and Aft. + Digs : String (1 .. Max_Real_Image_Length); + -- Array used to hold digits of converted integer value. This is a large + -- enough buffer to accommodate ludicrous Fore/Aft/Exp combinations. Ndigs : Natural; -- Number of digits stored in Digs (and also subscript of last digit) diff --git a/gcc/ada/libgnat/s-imgrea.ads b/gcc/ada/libgnat/s-imgrea.ads index 8adb6230645..9711516164c 100644 --- a/gcc/ada/libgnat/s-imgrea.ads +++ b/gcc/ada/libgnat/s-imgrea.ads @@ -73,4 +73,9 @@ package System.Img_Real is -- can be set to any valid values for the case of use from Text_IO. Note -- that no space is stored at the start for non-negative values. + Max_Real_Image_Length : constant := 5200; + -- If Exp is set to zero and Aft is set to Text_IO.Field'Last (i.e., 255) + -- then Long_Long_Float'Last generates an image whose length is + -- slightly less than 5200. + end System.Img_Real;