[PATCH] use strnlen in pretty printer for "%.*s" (PR 81859)

Wed, 16 Aug 2017 09:13:02 -0700 

Bug 81859 points out that my fix for bug 81586 wasn't quite
right (or complete):  the argument of a %.*s directive need
not be a nul-terminated string when the precision is less
than the initialized size of the array the argument points
to.  The attached tweak uses strnlen to avoid reading past
the end of a non-nul terminated array.

The patch has been tested on x86_64-linux and by running
self tests under Valgrind.  I'll go ahead and commit it as
obvious sometime later today if there are no objections in
the meantime.

Martin


PR c/81859 - [8 Regression] valgrind error from warn_about_normalization

gcc/ChangeLog:

	PR c/81859
	* pretty-print.c (pp_format): Use strnlen in %.*s to avoid reading
	past the end of an array.
	(test_pp_format): Add test cases.

Index: gcc/pretty-print.c
===================================================================
--- gcc/pretty-print.c	(revision 251100)
+++ gcc/pretty-print.c	(working copy)
@@ -668,15 +668,11 @@ pp_format (pretty_printer *pp, text_info *text)
 
 	    s = va_arg (*text->args_ptr, const char *);
 
-	    /* Negative precision is treated as if it were omitted.  */
-	    if (n < 0)
-	      n = INT_MAX;
+	    /* Append the lesser of precision and strlen (s) characters
+	       from the array (which need not be a nul-terminated string).
+	       Negative precision is treated as if it were omitted.  */
+	    size_t len = n < 0 ? strlen (s) : strnlen (s, n);
 
-	    /* Append the lesser of precision and strlen (s) characters.  */
-	    size_t len = strlen (s);
-	    if ((unsigned) n < len)
-	      len = n;
-
 	    pp_append_text (pp, s, s + len);
 	  }
 	  break;
@@ -1438,6 +1434,13 @@ test_pp_format ()
   ASSERT_PP_FORMAT_2 ("A 12345678", "%c %x", 'A', 0x12345678);
   ASSERT_PP_FORMAT_2 ("hello world 12345678", "%s %x", "hello world",
 		      0x12345678);
+
+  /* Not nul-terminated.  */
+  char arr[5] = { '1', '2', '3', '4', '5' };
+  ASSERT_PP_FORMAT_2 ("123", "%.*s", 3, arr);
+  ASSERT_PP_FORMAT_2 ("1234", "%.*s", -1, "1234");
+  ASSERT_PP_FORMAT_2 ("12345", "%.*s", 7, "12345");
+
   /* We can't test for %p; the pointer is printed in an implementation-defined
      manner.  */
   ASSERT_PP_FORMAT_2 ("normal colored normal 12345678",

Reply via email to