From: Stefan Liebler Date: Mon, 17 May 2021 14:19:36 +0000 (+0200) Subject: Fix stringop-overflow warning in bug-regex19.c. X-Git-Tag: glibc-2.34~389 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=2457175e8b5dfa0ca447ba87cb2a1e7d7e2ba4a7;p=thirdparty%2Fglibc.git Fix stringop-overflow warning in bug-regex19.c. Starting with commit 26492c0a14966c32c43cd6ca1d0dca5e62c6cfef "Annotate additional APIs with GCC attribute access.", gcc emits this warning on s390x: In function 'do_one_test', inlined from 'do_mb_tests' at bug-regex19.c:385:11: bug-regex19.c:271:9: error: 're_search' specified size 18446744073709551615 exceeds maximum object size 9223372036854775807 [-Werror=stringop-overflow=] 271 | res = re_search (®buf, test->string, strlen (test->string), | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 272 | test->start, strlen (test->string) - test->start, NULL); | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ In file included from ../include/regex.h:2, from bug-regex19.c:22: bug-regex19.c: In function 'do_mb_tests': ../posix/regex.h:554:17: note: in a call to function 're_search' declared with attribute 'read_only (2, 3)' 554 | extern regoff_t re_search (struct re_pattern_buffer *__buffer, | ^~~~~~~~~ ... The function do_one_test is inlined into do_mb_tests on s390x (at least with gcc 10). If do_one_test is marked with __attribute__ ((noinline)), there are no warnings on s390x. If do_one_test is marked with __attribute__ ((always_inline)), there are the same warnings on x86_64. test->string points to a variable length array on stack of do_mb_tests and the content is generated based on the passed test struct. According to Martin Sebor, this is a false positive caused by the same bug as the one in nss/makedb.c. It's fixed in GCC 11 and will also be available in the next GCC 10.4 release. --- diff --git a/posix/bug-regex19.c b/posix/bug-regex19.c index 9bbffb17e31..b3fee0a7302 100644 --- a/posix/bug-regex19.c +++ b/posix/bug-regex19.c @@ -24,6 +24,7 @@ #include #include #include +#include #define BRE RE_SYNTAX_POSIX_BASIC #define ERE RE_SYNTAX_POSIX_EXTENDED @@ -268,8 +269,17 @@ do_one_test (const struct test_s *test, const char *fail) return 1; } +#if __GNUC_PREREQ (10, 0) && !__GNUC_PREREQ (11, 0) + DIAG_PUSH_NEEDS_COMMENT; + /* Avoid GCC 10 false positive warning: specified size exceeds maximum + object size. */ + DIAG_IGNORE_NEEDS_COMMENT (10, "-Wstringop-overflow"); +#endif res = re_search (®buf, test->string, strlen (test->string), test->start, strlen (test->string) - test->start, NULL); +#if __GNUC_PREREQ (10, 0) && !__GNUC_PREREQ (11, 0) + DIAG_POP_NEEDS_COMMENT; +#endif if (res != test->res) { printf ("%sre_search \"%s\" \"%s\" failed: %d (expected %d)\n", @@ -280,8 +290,17 @@ do_one_test (const struct test_s *test, const char *fail) if (test->res > 0 && test->start == 0) { +#if __GNUC_PREREQ (10, 0) && !__GNUC_PREREQ (11, 0) + DIAG_PUSH_NEEDS_COMMENT; + /* Avoid GCC 10 false positive warning: specified size exceeds maximum + object size. */ + DIAG_IGNORE_NEEDS_COMMENT (10, "-Wstringop-overflow"); +#endif res = re_search (®buf, test->string, strlen (test->string), test->res, strlen (test->string) - test->res, NULL); +#if __GNUC_PREREQ (10, 0) && !__GNUC_PREREQ (11, 0) + DIAG_POP_NEEDS_COMMENT; +#endif if (res != test->res) { printf ("%sre_search from expected \"%s\" \"%s\" failed: %d (expected %d)\n",