OpenE2K/gcc
2
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Plug possible snprintf overflow in lto-wrapper.

Browse Source 
My upcoming improvements to the DOM threader triggered a warning in
this code.  It looks like the format string is ".ltrans%u.ltrans", but
we're only writing a max of ".ltrans" + whatever the MAX_INT is here.

Tested on x86-64 Linux.

gcc/ChangeLog:

	* lto-wrapper.c (run_gcc): Plug snprintf overflow.
This commit is contained in:
Aldy Hernandez 2021-09-28 15:54:20 +02:00
parent b38a4bd102
commit f5440ac7ad
1 changed files with 7 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
gcc/lto-wrapper.c
View File

@ -1983,7 +1983,9 @@ cont:
output_name = XOBFINISH (&env_obstack, char *);
/* Adjust the dumpbase if the linker output file was seen. */
int dumpbase_len = (strlen (dumppfx) + sizeof (DUMPBASE_SUFFIX));
int dumpbase_len = (strlen (dumppfx)
+ sizeof (DUMPBASE_SUFFIX)
+ sizeof (".ltrans"));
char *dumpbase = (char *) xmalloc (dumpbase_len + 1);
snprintf (dumpbase, dumpbase_len, "%sltrans%u.ltrans", dumppfx, i);
argv_ptr[0] = dumpbase;
@ -2009,9 +2011,11 @@ cont:
}
else
{
char argsuffix[sizeof (DUMPBASE_SUFFIX) + 1];
char argsuffix[sizeof (DUMPBASE_SUFFIX)
+ sizeof (".ltrans_args") + 1];
if (save_temps)
snprintf (argsuffix, sizeof (DUMPBASE_SUFFIX),
snprintf (argsuffix,
sizeof (DUMPBASE_SUFFIX) + sizeof (".ltrans_args"),
"ltrans%u.ltrans_args", i);
fork_execute (new_argv[0], CONST_CAST (char **, new_argv),
true, save_temps ? argsuffix : NULL);