dfdbad87ae
As the comment in check_line says:
/* get_buffer is not null terminated, but the sscanf stops after a number. */
the buffer is not null terminated, there is line.length () to determine
the size of the line. But unlike what the comment says, sscanf actually
still requires null terminated string argument, anything else is UB.
E.g. glibc when initializing the temporary FILE stream for the string does
if (size == 0)
end = strchr (ptr, '\0');
and this strchr/rawmemchr is what shows up in valgrind report on cc1/cc1plus
doing self-tests.
The function is used only in a test with 1000 lines, each containg its
number, so numbers from 1 to 1000 inclusive (each time with '\n' separator,
but that isn't included in line.length ()).
So the function just uses a temporary buffer which can fit numbers from 1 to
1000 as strings with terminating '\0' and runs sscanf on that (why not
strtoul?).
Furthermore, the caller allocated number of lines * 15 bytes for the
string, but 1000\n is 5 bytes, so I think * 5 is more than enough.
2025-03-01 Jakub Jelinek <jakub@redhat.com>
PR other/119052
* input.cc (check_line): Don't call sscanf on non-null terminated
buffer, instead copy line.length () bytes from line.get_buffer ()
to a local buffer, null terminate it and call sscanf on that.
Formatting fix.
(test_replacement): Just allocate maxline * 5 rather than maxline * 15
bytes for the file. Formatting fix.
|
||
|---|---|---|
| .forgejo | ||
| .github | ||
| c++tools | ||
| config | ||
| contrib | ||
| fixincludes | ||
| gcc | ||
| gnattools | ||
| gotools | ||
| include | ||
| INSTALL | ||
| libada | ||
| libatomic | ||
| libbacktrace | ||
| libcc1 | ||
| libcody | ||
| libcpp | ||
| libdecnumber | ||
| libffi | ||
| libgcc | ||
| libgfortran | ||
| libgm2 | ||
| libgo | ||
| libgomp | ||
| libgrust | ||
| libiberty | ||
| libitm | ||
| libobjc | ||
| libphobos | ||
| libquadmath | ||
| libsanitizer | ||
| libssp | ||
| libstdc++-v3 | ||
| libvtv | ||
| lto-plugin | ||
| maintainer-scripts | ||
| zlib | ||
| .b4-config | ||
| .dir-locals.el | ||
| .gitattributes | ||
| .gitignore | ||
| ABOUT-NLS | ||
| ar-lib | ||
| ChangeLog | ||
| ChangeLog.jit | ||
| ChangeLog.tree-ssa | ||
| compile | ||
| config-ml.in | ||
| config.guess | ||
| config.rpath | ||
| config.sub | ||
| configure | ||
| configure.ac | ||
| COPYING | ||
| COPYING.LIB | ||
| COPYING.RUNTIME | ||
| COPYING3 | ||
| COPYING3.LIB | ||
| depcomp | ||
| install-sh | ||
| libtool-ldflags | ||
| libtool.m4 | ||
| ltgcc.m4 | ||
| ltmain.sh | ||
| ltoptions.m4 | ||
| ltsugar.m4 | ||
| ltversion.m4 | ||
| lt~obsolete.m4 | ||
| MAINTAINERS | ||
| Makefile.def | ||
| Makefile.in | ||
| Makefile.tpl | ||
| missing | ||
| mkdep | ||
| mkinstalldirs | ||
| move-if-change | ||
| multilib.am | ||
| README | ||
| SECURITY.txt | ||
| symlink-tree | ||
| test-driver | ||
| ylwrap | ||
This directory contains the GNU Compiler Collection (GCC). The GNU Compiler Collection is free software. See the files whose names start with COPYING for copying permission. The manuals, and some of the runtime libraries, are under different terms; see the individual source files for details. The directory INSTALL contains copies of the installation information as HTML and plain text. The source of this information is gcc/doc/install.texi. The installation information includes details of what is included in the GCC sources and what files GCC installs. See the file gcc/doc/gcc.texi (together with other files that it includes) for usage and porting information. An online readable version of the manual is in the files gcc/doc/gcc.info*. See http://gcc.gnu.org/bugs/ for how to report bugs usefully. Copyright years on GCC source files may be listed using range notation, e.g., 1987-2012, indicating that every year in the range, inclusive, is a copyrightable year that could otherwise be listed individually.