Mercurial > hg > CbC > CbC_gcc

comparison gcc/testsuite/gcc.dg/Wstringop-overflow.c @ 131:84e7813d76e9

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
gcc-8.2
author mir3636
date Thu, 25 Oct 2018 07:37:49 +0900
parents
children 1830386684a0
comparison
equal deleted inserted replaced
111:04ced10e8804 131:84e7813d76e9
1 /* PR middle-end/77608 - missing protection on trivially detectable runtime
2 buffer overflow
3 { dg-do compile }
4 { dg-options "-O2 -Wstringop-overflow -ftrack-macro-expansion=0" } */
5
6 #define SIZE_MAX __SIZE_MAX__
7 #define DIFF_MAX __PTRDIFF_MAX__
8 #define DIFF_MIN (-DIFF_MAX - 1)
9
10 typedef __SIZE_TYPE__ size_t;
11
12 extern void* memcpy (void*, const void*, size_t);
13 extern char* strcpy (char*, const char*);
14 extern char* strncpy (char*, const char*, size_t);
15
16 void sink (void*);
17
18 static size_t unsigned_value (void)
19 {
20 extern volatile size_t unsigned_value_source;
21 return unsigned_value_source;
22 }
23
24 static size_t unsigned_range (size_t min, size_t max)
25 {
26 size_t val = unsigned_value ();
27 return val < min || max < val ? min : val;
28 }
29
30 #define UR(min, max) unsigned_range (min, max)
31
32
33 char a7[7];
34
35 struct MemArray { char a9[9]; char a1[1]; };
36
37 void test_memcpy_array (const void *s)
38 {
39 #define T(d, s, n) (memcpy ((d), (s), (n)), sink (d))
40
41 T (a7 + UR (0, 1), s, 7);
42 T (a7 + UR (0, 7), s, 7);
43 T (a7 + UR (0, 8), s, 7);
44 T (a7 + UR (0, DIFF_MAX), s, 7);
45 T (a7 + UR (0, SIZE_MAX), s, 7);
46
47 T (a7 + UR (1, 2), s, 7); /* { dg-warning "writing 7 bytes into a region of size 6" } */
48 T (a7 + UR (2, 3), s, 7); /* { dg-warning "writing 7 bytes into a region of size 5" } */
49 T (a7 + UR (6, 9), s, 7); /* { dg-warning "writing 7 bytes into a region of size 1" } */
50 T (a7 + UR (7, 9), s, 7); /* { dg-warning "writing 7 bytes into a region of size 0" } */
51 T (a7 + UR (8, 9), s, 7); /* { dg-warning "writing 7 bytes into a region of size 0" } */
52
53 T (a7 + UR (9, 10), s, 7); /* { dg-warning "writing 7 bytes into a region of size 0" } */
54 T (a7 + UR (DIFF_MAX, DIFF_MAX + (size_t)1), s, 7); /* { dg-warning "writing 7 bytes into a region of size 0" } */
55 T (a7 + UR (DIFF_MAX, SIZE_MAX), s, 7); /* { dg-warning "writing 7 bytes into a region of size 0" } */
56
57 /* This is valid. */
58 char *d = a7 + 7;
59 T (d + UR (-8, -7), s, 7);
60 }
61
62 /* Verify the absence of warnings for memcpy writing beyond object
63 boundaries. */
64
65 void test_memcpy_memarray (struct MemArray *p, const void *s)
66 {
67 #undef T
68 #define T(d, s, n) (memcpy ((d), (s), (n)), sink (d))
69
70 /* The following are valid. */
71 T (p->a9 + UR (0, 1), s, 9);
72 T (p->a9 + UR (0, 7), s, 9);
73 T (p->a9 + UR (0, 8), s, 9);
74 T (p->a9 + UR (0, DIFF_MAX), s, 9);
75 T (p->a9 + UR (0, SIZE_MAX), s, 9);
76
77 /* The following are invalid. Unfortunately, there is apparently enough
78 code out there that abuses memcpy to write past the end of one member
79 and into the members that follow so the following are not diagnosed
80 by design. It sure would be nice not to have to cater to hacks like
81 these... */
82 T (p->a9 + UR (1, 2), s, 9);
83 T (p->a9 + UR (1, 2), s, 123);
84 }
85
86
87 void test_strcpy_array (void)
88 {
89 #undef T
90 #define T(d, s) (strcpy ((d), (s)), sink (d))
91
92 T (a7 + UR (0, 1), "012345");
93 T (a7 + UR (0, 7), "012345");
94 T (a7 + UR (0, 8), "012345");
95 T (a7 + UR (0, DIFF_MAX), "012345");
96 T (a7 + UR (0, SIZE_MAX), "012345");
97
98 T (a7 + UR (1, 2), "012345"); /* { dg-warning "writing 7 bytes into a region of size 6" } */
99 T (a7 + UR (2, 3), "012345"); /* { dg-warning "writing 7 bytes into a region of size 5" } */
100 T (a7 + UR (6, 9), "012345"); /* { dg-warning "writing 7 bytes into a region of size 1" } */
101 T (a7 + UR (7, 9), "012345"); /* { dg-warning "writing 7 bytes into a region of size 0" } */
102 T (a7 + UR (8, 9), "012345"); /* { dg-warning "writing 7 bytes into a region of size 0" } */
103
104 T (a7 + UR (9, 10), "012345"); /* { dg-warning "writing 7 bytes into a region of size 0" } */
105 T (a7 + UR (DIFF_MAX, DIFF_MAX + (size_t)1), "012345"); /* { dg-warning "writing 7 bytes into a region of size 0" } */
106 T (a7 + UR (DIFF_MAX, SIZE_MAX), "012345"); /* { dg-warning "writing 7 bytes into a region of size 0" } */
107
108 char *d = a7 + 7;
109
110 T (d + UR (-8, -7), "012345");
111 }
112
113 void test_strncpy_memarray (struct MemArray *p, const void *s)
114 {
115 #undef T
116 #define T(d, s, n) (strncpy ((d), (s), (n)), sink (d))
117
118 T (p->a9 + UR (0, 1), s, 9);
119 T (p->a9 + UR (0, 7), s, 9);
120 T (p->a9 + UR (0, 8), s, 9);
121 T (p->a9 + UR (0, DIFF_MAX), s, 9);
122 T (p->a9 + UR (0, SIZE_MAX), s, 9);
123
124 T (p->a9 + UR (1, 2), s, 9); /* { dg-warning "writing 9 bytes into a region of size 8" } */
125 T (p->a9 + UR (2, 3), s, 9); /* { dg-warning "writing 9 bytes into a region of size 7" } */
126 T (p->a9 + UR (6, 9), s, 9); /* { dg-warning "writing 9 bytes into a region of size 3" } */
127 T (p->a9 + UR (9, 10), s, 9); /* { dg-warning "writing 9 bytes into a region of size 0" } */
128 T (p->a9 + UR (10, 11), s, 9); /* { dg-warning "writing 9 bytes into a region of size 0" } */
129
130 T (p->a9 + UR (DIFF_MAX, DIFF_MAX + (size_t)1), s, 1); /* { dg-warning "writing 1 byte into a region of size 0" } */
131 T (p->a9 + UR (DIFF_MAX, SIZE_MAX), s, 3); /* { dg-warning "writing 3 bytes into a region of size 0" } */
132 }