Mercurial > hg > CbC > CbC_gcc
comparison gcc/testsuite/gcc.dg/Wstringop-overflow.c @ 131:84e7813d76e9
gcc-8.2
author | mir3636 |
---|---|
date | Thu, 25 Oct 2018 07:37:49 +0900 |
parents | |
children | 1830386684a0 |
comparison
equal
deleted
inserted
replaced
111:04ced10e8804 | 131:84e7813d76e9 |
---|---|
1 /* PR middle-end/77608 - missing protection on trivially detectable runtime | |
2 buffer overflow | |
3 { dg-do compile } | |
4 { dg-options "-O2 -Wstringop-overflow -ftrack-macro-expansion=0" } */ | |
5 | |
6 #define SIZE_MAX __SIZE_MAX__ | |
7 #define DIFF_MAX __PTRDIFF_MAX__ | |
8 #define DIFF_MIN (-DIFF_MAX - 1) | |
9 | |
10 typedef __SIZE_TYPE__ size_t; | |
11 | |
12 extern void* memcpy (void*, const void*, size_t); | |
13 extern char* strcpy (char*, const char*); | |
14 extern char* strncpy (char*, const char*, size_t); | |
15 | |
16 void sink (void*); | |
17 | |
18 static size_t unsigned_value (void) | |
19 { | |
20 extern volatile size_t unsigned_value_source; | |
21 return unsigned_value_source; | |
22 } | |
23 | |
24 static size_t unsigned_range (size_t min, size_t max) | |
25 { | |
26 size_t val = unsigned_value (); | |
27 return val < min || max < val ? min : val; | |
28 } | |
29 | |
30 #define UR(min, max) unsigned_range (min, max) | |
31 | |
32 | |
33 char a7[7]; | |
34 | |
35 struct MemArray { char a9[9]; char a1[1]; }; | |
36 | |
37 void test_memcpy_array (const void *s) | |
38 { | |
39 #define T(d, s, n) (memcpy ((d), (s), (n)), sink (d)) | |
40 | |
41 T (a7 + UR (0, 1), s, 7); | |
42 T (a7 + UR (0, 7), s, 7); | |
43 T (a7 + UR (0, 8), s, 7); | |
44 T (a7 + UR (0, DIFF_MAX), s, 7); | |
45 T (a7 + UR (0, SIZE_MAX), s, 7); | |
46 | |
47 T (a7 + UR (1, 2), s, 7); /* { dg-warning "writing 7 bytes into a region of size 6" } */ | |
48 T (a7 + UR (2, 3), s, 7); /* { dg-warning "writing 7 bytes into a region of size 5" } */ | |
49 T (a7 + UR (6, 9), s, 7); /* { dg-warning "writing 7 bytes into a region of size 1" } */ | |
50 T (a7 + UR (7, 9), s, 7); /* { dg-warning "writing 7 bytes into a region of size 0" } */ | |
51 T (a7 + UR (8, 9), s, 7); /* { dg-warning "writing 7 bytes into a region of size 0" } */ | |
52 | |
53 T (a7 + UR (9, 10), s, 7); /* { dg-warning "writing 7 bytes into a region of size 0" } */ | |
54 T (a7 + UR (DIFF_MAX, DIFF_MAX + (size_t)1), s, 7); /* { dg-warning "writing 7 bytes into a region of size 0" } */ | |
55 T (a7 + UR (DIFF_MAX, SIZE_MAX), s, 7); /* { dg-warning "writing 7 bytes into a region of size 0" } */ | |
56 | |
57 /* This is valid. */ | |
58 char *d = a7 + 7; | |
59 T (d + UR (-8, -7), s, 7); | |
60 } | |
61 | |
62 /* Verify the absence of warnings for memcpy writing beyond object | |
63 boundaries. */ | |
64 | |
65 void test_memcpy_memarray (struct MemArray *p, const void *s) | |
66 { | |
67 #undef T | |
68 #define T(d, s, n) (memcpy ((d), (s), (n)), sink (d)) | |
69 | |
70 /* The following are valid. */ | |
71 T (p->a9 + UR (0, 1), s, 9); | |
72 T (p->a9 + UR (0, 7), s, 9); | |
73 T (p->a9 + UR (0, 8), s, 9); | |
74 T (p->a9 + UR (0, DIFF_MAX), s, 9); | |
75 T (p->a9 + UR (0, SIZE_MAX), s, 9); | |
76 | |
77 /* The following are invalid. Unfortunately, there is apparently enough | |
78 code out there that abuses memcpy to write past the end of one member | |
79 and into the members that follow so the following are not diagnosed | |
80 by design. It sure would be nice not to have to cater to hacks like | |
81 these... */ | |
82 T (p->a9 + UR (1, 2), s, 9); | |
83 T (p->a9 + UR (1, 2), s, 123); | |
84 } | |
85 | |
86 | |
87 void test_strcpy_array (void) | |
88 { | |
89 #undef T | |
90 #define T(d, s) (strcpy ((d), (s)), sink (d)) | |
91 | |
92 T (a7 + UR (0, 1), "012345"); | |
93 T (a7 + UR (0, 7), "012345"); | |
94 T (a7 + UR (0, 8), "012345"); | |
95 T (a7 + UR (0, DIFF_MAX), "012345"); | |
96 T (a7 + UR (0, SIZE_MAX), "012345"); | |
97 | |
98 T (a7 + UR (1, 2), "012345"); /* { dg-warning "writing 7 bytes into a region of size 6" } */ | |
99 T (a7 + UR (2, 3), "012345"); /* { dg-warning "writing 7 bytes into a region of size 5" } */ | |
100 T (a7 + UR (6, 9), "012345"); /* { dg-warning "writing 7 bytes into a region of size 1" } */ | |
101 T (a7 + UR (7, 9), "012345"); /* { dg-warning "writing 7 bytes into a region of size 0" } */ | |
102 T (a7 + UR (8, 9), "012345"); /* { dg-warning "writing 7 bytes into a region of size 0" } */ | |
103 | |
104 T (a7 + UR (9, 10), "012345"); /* { dg-warning "writing 7 bytes into a region of size 0" } */ | |
105 T (a7 + UR (DIFF_MAX, DIFF_MAX + (size_t)1), "012345"); /* { dg-warning "writing 7 bytes into a region of size 0" } */ | |
106 T (a7 + UR (DIFF_MAX, SIZE_MAX), "012345"); /* { dg-warning "writing 7 bytes into a region of size 0" } */ | |
107 | |
108 char *d = a7 + 7; | |
109 | |
110 T (d + UR (-8, -7), "012345"); | |
111 } | |
112 | |
113 void test_strncpy_memarray (struct MemArray *p, const void *s) | |
114 { | |
115 #undef T | |
116 #define T(d, s, n) (strncpy ((d), (s), (n)), sink (d)) | |
117 | |
118 T (p->a9 + UR (0, 1), s, 9); | |
119 T (p->a9 + UR (0, 7), s, 9); | |
120 T (p->a9 + UR (0, 8), s, 9); | |
121 T (p->a9 + UR (0, DIFF_MAX), s, 9); | |
122 T (p->a9 + UR (0, SIZE_MAX), s, 9); | |
123 | |
124 T (p->a9 + UR (1, 2), s, 9); /* { dg-warning "writing 9 bytes into a region of size 8" } */ | |
125 T (p->a9 + UR (2, 3), s, 9); /* { dg-warning "writing 9 bytes into a region of size 7" } */ | |
126 T (p->a9 + UR (6, 9), s, 9); /* { dg-warning "writing 9 bytes into a region of size 3" } */ | |
127 T (p->a9 + UR (9, 10), s, 9); /* { dg-warning "writing 9 bytes into a region of size 0" } */ | |
128 T (p->a9 + UR (10, 11), s, 9); /* { dg-warning "writing 9 bytes into a region of size 0" } */ | |
129 | |
130 T (p->a9 + UR (DIFF_MAX, DIFF_MAX + (size_t)1), s, 1); /* { dg-warning "writing 1 byte into a region of size 0" } */ | |
131 T (p->a9 + UR (DIFF_MAX, SIZE_MAX), s, 3); /* { dg-warning "writing 3 bytes into a region of size 0" } */ | |
132 } |