]> git.ipfire.org Git - thirdparty/gcc.git/commitdiff
projects / thirdparty / gcc.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 065a6ab)
aarch64: Improve --with-arch checks
authorAlice Carlotti <alice.carlotti@arm.com>
Wed, 7 Jan 2026 19:47:45 +0000 (19:47 +0000)
committerAlice Carlotti <alice.carlotti@arm.com>
Tue, 10 Feb 2026 16:41:04 +0000 (16:41 +0000)
- Check for invalid characters before further processing.  Allow only
  alphanumeric characters, "-", "+" and ".".
- Convert "." to "\." before using user input in a sed expression.
- Reject zero-length extension names.
- Quote variables used in echo commands, to avoid unwanted shell
  expansions.

Without these changes, various invalid inputs would be accepted, for
example due to misparsing of "*" and "." characters in regexps and
shell expansions.  Some inputs could also lead to an infinite loop.

gcc/ChangeLog:

* config.gcc: Improve aarch64 --with-arch checks.

gcc/config.gcc patch | blob | blame | history

diff --git a/gcc/config.gcc b/gcc/config.gcc
index 14b1e9b87e36d46a28ad523d75dc0a1b434c5373..35958b17009cdf6b2fdc891495f1d6fdeac8d468 100644 (file)
--- a/gcc/config.gcc
+++ b/gcc/config.gcc
@@ -4357,8 +4357,15 @@ case "${target}" in
                fi
                for which in cpu arch tune; do
                        eval "val=\$with_$which"
-                       base_val=`echo $val | sed -E -e 's/\+.*//'`
-                       ext_val=`echo $val | sed -E -e 's/[a-z0-9.-]+//'`
+                       filtered_val=`echo "$val" | sed -E -e 's/[-A-Za-z0-9.+]+//'`
+                       if [ x"$filtered_val" != x ]; then
+                         echo "Invalid characters used in --with-$which=$val"
+                         exit 1
+                       fi
+
+                       escaped_val=`echo "$val" | sed -E -e 's/\./\\\./g'`
+                       base_val=`echo "$escaped_val" | sed -E -e 's/\+.*//'`
+                       ext_val=`echo "$escaped_val" | sed -E -e 's/^[^+]*//'`
 
                        if [ $which = arch ]; then
                          def=aarch64-arches.def
@@ -4390,20 +4397,19 @@ case "${target}" in
 
                          while [ x"$ext_val" != x ]
                          do
-                               ext_val=`echo $ext_val | sed -E -e 's/\+//'`
-                               ext=`echo $ext_val | sed -E -e 's/\+.*//'`
-                               base_ext=`echo $ext | sed -E -e 's/^no//'`
+                               ext_val=`echo "$ext_val" | sed -E -e 's/\+//'`
+                               ext=`echo "$ext_val" | sed -E -e 's/\+.*//'`
+                               base_ext=`echo "$ext" | sed -E -e 's/^no//'`
                                opt_line=`echo -e "$options_parsed" | \
                                        grep "^\"$base_ext\""`
 
-                               if [ x"$base_ext" = x ] \
-                                   || [ x"$opt_line" != x ]; then
+                               if [ x"$opt_line" != x ]; then
                                  true
                                else
                                  echo "Unknown extension used in --with-$which=$val" 1>&2
                                  exit 1
                                fi
-                               ext_val=`echo $ext_val | sed -E -e 's/[a-z0-9-]+//'`
+                               ext_val=`echo "$ext_val" | sed -E -e 's/[^+]+//'`
                          done
 
                          true
Mirror of https://gcc.gnu.org/git/gcc.git