https://gcc.gnu.org/bugzilla/show_bug.cgi?id=92589
--- Comment #7 from Kees Cook <kees at outflux dot net> ---
(In reply to Kees Cook from comment #6)
> (In reply to Jakub Jelinek from comment #4)
> > (In reply to Kees Cook from comment #2)
> > > Is there anything to enforce a strict "only consider empty array size as
> > > flexible array member" mode? This is an unfortunate weakening of the array
> > > bounds checker as there are plenty of structures that have a fixed-size
> > > array as the final member.
> >
> > There is -fsanitize=bounds-strict.
>
> This is too strict: it doesn't allow flexible arrays ([]) either. I'd like
> something that ignores _only_ flexible arrays and fails on all other
> trailing arrays beyond their size.

Oops, sorry, my PoC was testing the corner cases, not the correct cases.
-fsanitize=bounds-strict _does_ work (though I'd rather it disallowed [0],
but I'll live):

$ gcc -Wall -g3 -fsanitize=bounds-strict -fsanitize-undefined-trap-on-error -o bounds-gcc bounds.c
$ ./bounds-gcc abc
flex (should always be okay): ok (no trap!)
zero (should be okay, treated as flex): ok (no trap!)
one (should fail): Illegal instruction (core dumped)
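The bounds.c that produced the session above is not on the page. What follows is an added example, not the reporter's file, that reconstructs the three trailing-array shapes the output labels "flex", "zero" and "one", shows the allocation-size arithmetic each shape needs, and adds the runtime count check that no -fsanitize=bounds mode can do for you (the sanitizer only knows declared sizes, so a flexible array is always "in bounds" to it). The struct definitions, function names, and the fill pattern (data[i] = i) are assumptions.

```c
#include <stddef.h>
#include <stdio.h>
#include <stdlib.h>

/* Reconstructed shapes for the cases the session labels "flex", "zero"
 * and "one"; the original bounds.c is not on the page, so these
 * definitions, names and the fill pattern are assumptions. */
struct flex { size_t n; char data[]; };   /* C99 flexible array member */
struct zero { size_t n; char data[0]; };  /* GNU zero-length array */
struct one  { size_t n; char data[1]; };  /* fixed-size trailing array */

/* Bytes needed to hold n payload bytes.  sizeof() excludes the array for
 * the flex and zero shapes; for "one" a single element is already
 * counted, which is why the [1] idiom needs its own arithmetic. */
size_t flex_alloc_size(size_t n) { return sizeof(struct flex) + n; }
size_t zero_alloc_size(size_t n) { return sizeof(struct zero) + n; }
size_t one_alloc_size(size_t n)  { return sizeof(struct one) + (n > 1 ? n - 1 : 0); }

/* Allocate each shape with room for n bytes and fill data[i] = i. */
struct flex *flex_new(size_t n) {
    struct flex *p = malloc(flex_alloc_size(n));
    if (!p) return NULL;
    p->n = n;
    for (size_t i = 0; i < n; i++) p->data[i] = (char)i;
    return p;
}
struct zero *zero_new(size_t n) {
    struct zero *p = malloc(zero_alloc_size(n));
    if (!p) return NULL;
    p->n = n;
    for (size_t i = 0; i < n; i++) p->data[i] = (char)i;
    return p;
}
struct one *one_new(size_t n) {
    struct one *p = malloc(one_alloc_size(n));
    if (!p) return NULL;
    p->n = n;
    for (size_t i = 0; i < n; i++) p->data[i] = (char)i;
    return p;
}

/* Count-based checks: the sanitizer instruments declared bounds only, so
 * a flexible array never trips it.  The runtime length stored in the
 * header is what keeps reads inside the allocation; -1 signals a miss. */
int flex_get(const struct flex *p, size_t i) {
    return i < p->n ? (unsigned char)p->data[i] : -1;
}
int zero_get(const struct zero *p, size_t i) {
    return i < p->n ? (unsigned char)p->data[i] : -1;
}

/* The shape -fsanitize=bounds-strict rejects: data[1] and beyond lie
 * outside the declared [1] even when the allocation is large enough, so
 * with the flags from the comment this traps for i >= 1.  Without the
 * sanitizer the read silently succeeds, which is the problem the flag
 * exists to surface.  Index 0 is always well-defined. */
int one_get(const struct one *p, size_t i) {
    return (unsigned char)p->data[i];
}

int main(void) {
    struct flex *f = flex_new(3);
    struct zero *z = zero_new(3);
    struct one  *o = one_new(3);
    if (!f || !z || !o) return 1;
    printf("flex (should always be okay): %d ok (no trap!)\n", flex_get(f, 2));
    printf("zero (should be okay, treated as flex): %d ok (no trap!)\n", zero_get(z, 2));
    printf("one (should fail): ");
    fflush(stdout);
    printf("%d\n", one_get(o, 2));   /* traps under -fsanitize=bounds-strict */
    free(f); free(z); free(o);
    return 0;
}
```

Built with the flags shown in the comment (-fsanitize=bounds-strict -fsanitize-undefined-trap-on-error), the first two lines print and the third dies with an illegal-instruction trap; built without the sanitizer, all three print, which is the false negative the reporter is asking the checker to catch. Converting a trailing [1] to [] (and fixing the allocation arithmetic to match, as flex_alloc_size does) is what lets the strict mode separate intentional struct-hack use from real overflows.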