From e613205cefe50e429bafba2bc4cb71126b1f36df Mon Sep 17 00:00:00 2001 From: David Malcolm Date: Wed, 30 Nov 2016 14:50:43 +0000 Subject: [PATCH] libiberty: avoid reading past end of buffer in strndup/xstrndup (PR c/78498) gcc/ChangeLog: PR c/78498 * selftest.c (selftest::assert_strndup_eq): New function. (selftest::test_strndup): New function. (selftest::test_libiberty): New function. (selftest::selftest_c_tests): Call test_libiberty. gcc/testsuite/ChangeLog: PR c/78498 * gcc.dg/format/pr78494.c: New test case. libiberty/ChangeLog: PR c/78498 * strndup.c (strlen): Delete decl. (strnlen): Add decl. (strndup): Call strnlen rather than strlen. * xstrndup.c (xstrndup): Likewise. From-SVN: r243030 --- gcc/ChangeLog | 8 +++++ gcc/selftest.c | 48 +++++++++++++++++++++++++++ gcc/testsuite/ChangeLog | 5 +++ gcc/testsuite/gcc.dg/format/pr78494.c | 12 +++++++ libiberty/ChangeLog | 8 +++++ libiberty/strndup.c | 7 ++-- libiberty/xstrndup.c | 5 +-- 7 files changed, 84 insertions(+), 9 deletions(-) create mode 100644 gcc/testsuite/gcc.dg/format/pr78494.c diff --git a/gcc/ChangeLog b/gcc/ChangeLog index 97daa79d06b..378ffa484e1 100644 --- a/gcc/ChangeLog +++ b/gcc/ChangeLog @@ -1,3 +1,11 @@ +2016-11-30 David Malcolm + + PR c/78498 + * selftest.c (selftest::assert_strndup_eq): New function. + (selftest::test_strndup): New function. + (selftest::test_libiberty): New function. + (selftest::selftest_c_tests): Call test_libiberty. + 2016-11-30 Segher Boessenkool PR rtl-optimization/78610 diff --git a/gcc/selftest.c b/gcc/selftest.c index 2a729be9b5e..6df73c24084 100644 --- a/gcc/selftest.c +++ b/gcc/selftest.c @@ -198,6 +198,53 @@ read_file (const location &loc, const char *path) return result; } +/* Selftests for libiberty. */ + +/* Verify that both strndup and xstrndup generate EXPECTED + when called on SRC and N. */ + +static void +assert_strndup_eq (const char *expected, const char *src, size_t n) +{ + char *buf = strndup (src, n); + if (buf) + ASSERT_STREQ (expected, buf); + free (buf); + + buf = xstrndup (src, n); + ASSERT_STREQ (expected, buf); + free (buf); +} + +/* Verify that strndup and xstrndup work as expected. */ + +static void +test_strndup () +{ + assert_strndup_eq ("", "test", 0); + assert_strndup_eq ("t", "test", 1); + assert_strndup_eq ("te", "test", 2); + assert_strndup_eq ("tes", "test", 3); + assert_strndup_eq ("test", "test", 4); + assert_strndup_eq ("test", "test", 5); + + /* Test on an string without zero termination. */ + const char src[4] = {'t', 'e', 's', 't'}; + assert_strndup_eq ("", src, 0); + assert_strndup_eq ("t", src, 1); + assert_strndup_eq ("te", src, 2); + assert_strndup_eq ("tes", src, 3); + assert_strndup_eq ("test", src, 4); +} + +/* Run selftests for libiberty. */ + +static void +test_libiberty () +{ + test_strndup (); +} + /* Selftests for the selftest system itself. */ /* Sanity-check the ASSERT_ macros with various passing cases. */ @@ -245,6 +292,7 @@ test_read_file () void selftest_c_tests () { + test_libiberty (); test_assertions (); test_named_temp_file (); test_read_file (); diff --git a/gcc/testsuite/ChangeLog b/gcc/testsuite/ChangeLog index d1b5c90a7ca..d6166b9edde 100644 --- a/gcc/testsuite/ChangeLog +++ b/gcc/testsuite/ChangeLog @@ -1,3 +1,8 @@ +2016-11-30 David Malcolm + + PR c/78498 + * gcc.dg/format/pr78494.c: New test case. + 2016-11-30 David Edelsohn * g++.dg/debug/dwarf2/ref-1.C: Don't XFAIL scan-assembler-not on AIX. diff --git a/gcc/testsuite/gcc.dg/format/pr78494.c b/gcc/testsuite/gcc.dg/format/pr78494.c new file mode 100644 index 00000000000..4b53a68c2c0 --- /dev/null +++ b/gcc/testsuite/gcc.dg/format/pr78494.c @@ -0,0 +1,12 @@ +/* { dg-do compile } */ +/* { dg-options "-O2 -Wall -Wextra -fdiagnostics-show-caret" } */ + +void f (void) +{ + __builtin_printf ("%i", ""); /* { dg-warning "expects argument of type" } */ +/* { dg-begin-multiline-output "" } + __builtin_printf ("%i", ""); + ~^ ~~ + %s + { dg-end-multiline-output "" } */ +} diff --git a/libiberty/ChangeLog b/libiberty/ChangeLog index 42164c406af..f0959c99f5c 100644 --- a/libiberty/ChangeLog +++ b/libiberty/ChangeLog @@ -1,3 +1,11 @@ +2016-11-30 David Malcolm + + PR c/78498 + * strndup.c (strlen): Delete decl. + (strnlen): Add decl. + (strndup): Call strnlen rather than strlen. + * xstrndup.c (xstrndup): Likewise. + 2016-11-29 Nathan Sidwell * cp-demangle.c (d_print_comp_inner): Fix parameter indentation. diff --git a/libiberty/strndup.c b/libiberty/strndup.c index 9e9b4e2991f..4556b962746 100644 --- a/libiberty/strndup.c +++ b/libiberty/strndup.c @@ -33,7 +33,7 @@ memory was available. The result is always NUL terminated. #include "ansidecl.h" #include -extern size_t strlen (const char*); +extern size_t strnlen (const char *s, size_t maxlen); extern PTR malloc (size_t); extern PTR memcpy (PTR, const PTR, size_t); @@ -41,10 +41,7 @@ char * strndup (const char *s, size_t n) { char *result; - size_t len = strlen (s); - - if (n < len) - len = n; + size_t len = strnlen (s, n); result = (char *) malloc (len + 1); if (!result) diff --git a/libiberty/xstrndup.c b/libiberty/xstrndup.c index 0a41f608ec0..c3d2d833902 100644 --- a/libiberty/xstrndup.c +++ b/libiberty/xstrndup.c @@ -48,10 +48,7 @@ char * xstrndup (const char *s, size_t n) { char *result; - size_t len = strlen (s); - - if (n < len) - len = n; + size_t len = strnlen (s, n); result = XNEWVEC (char, len + 1); -- 2.30.2