https://gcc.gnu.org/bugzilla/show_bug.cgi?id=68107
Bug ID: 68107
Summary: Non-VLA type whose size is half or more of the address space constructed via a pointer
Product: gcc
Version: 5.2.0
Status: UNCONFIRMED
Severity: normal
Priority: P3
Component: c
Assignee: unassigned at gcc dot gnu.org
Reporter: ch3root at openwall dot com
Target Milestone: ---

Due to an overflow in size calculation the following (seemingly reasonable) program compiles fine, allocates too small an array and crashes in a loop:

```c
#include <stdint.h>
#include <stdlib.h>
#include <stdio.h>

/* N * sizeof(int) does not fit in size_t */
#define N (SIZE_MAX / sizeof(int) + 2)

int main(void)
{
    int (*p)[N];

    printf("%zu\n", sizeof *p);   /* wrapped-around size, not the real one */
    p = malloc(sizeof *p);        /* allocates far too little */
    if (!p)
        return 1;
    for (size_t i = 0; i < N; i++)
        (*p)[i] = 1;              /* runs off the end of the allocation */
    return 0;
}
```

According to https://gcc.gnu.org/bugzilla/show_bug.cgi?id=68065#c4 :

"Any construction of a non-VLA type whose size is half or more of the address space should receive a compile-time error, like you get if you don't use a pointer here."
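The mechanism behind the report is an unsigned wraparound: N * sizeof(int) exceeds SIZE_MAX, so the type's size is computed modulo 2^bits and sizeof *p comes out tiny, malloc returns a tiny buffer, and the loop writes past it. The program below is an added example, not code from the bug report or from GCC: it reuses the report's N, shows the wrapped value that sizeof *p takes, and applies the overflow check that allocation wrappers such as calloc perform before multiplying. The names mul_would_overflow, wrapped_size and alloc_array are this example's own, not anything from the report.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* The element count from the bug report: N * sizeof(int) exceeds SIZE_MAX. */
#define N (SIZE_MAX / sizeof(int) + 2)

/* True if n * elem cannot be represented in size_t (the product would wrap).
   Dividing instead of multiplying keeps the check itself free of overflow. */
bool mul_would_overflow(size_t n, size_t elem)
{
    return elem != 0 && n > SIZE_MAX / elem;
}

/* The value the report's sizeof *p actually has: the product modulo 2^bits.
   Unsigned wraparound is well defined in C, which is why nothing in the
   language forces a diagnostic here; the report argues the compiler should
   give one anyway for a non-VLA type this large. */
size_t wrapped_size(size_t n, size_t elem)
{
    return n * elem;
}

/* Allocation wrapper that refuses a wrapped size instead of handing back a
   buffer far smaller than the caller believes it is. Returns NULL either on
   overflow or on malloc failure, so callers need only one NULL check. */
void *alloc_array(size_t n, size_t elem)
{
    if (mul_would_overflow(n, elem))
        return NULL;
    return malloc(n * elem);
}

int main(void)
{
    printf("N                 = %zu\n", (size_t)N);
    printf("wrapped N*sizeof  = %zu\n", wrapped_size(N, sizeof(int)));
    printf("overflows size_t? = %s\n",
           mul_would_overflow(N, sizeof(int)) ? "yes" : "no");

    int *q = alloc_array(N, sizeof(int));
    if (q == NULL) {
        puts("alloc_array refused the wrapped size; no out-of-bounds loop runs");
        return 1;
    }
    free(q);
    return 0;
}
```

On a platform with 4-byte int, wrapped_size(N, sizeof(int)) is exactly 4: N is 2^(bits-2) + 1, so N * 4 is 2^bits + 4, and only the low bits survive. That is the number the report's printf prints, and the reason the undersized buffer is not caught until the loop runs past it. The check in mul_would_overflow is the one to apply anywhere an element count that may come from untrusted input is multiplied into an allocation size.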