https://gcc.gnu.org/bugzilla/show_bug.cgi?id=97027

            Bug ID: 97027
           Summary: missing warning on buffer overflow storing a larger
                    scalar into a smaller array
           Product: gcc
           Version: 11.0
            Status: UNCONFIRMED
          Severity: normal
          Priority: P3
         Component: middle-end
          Assignee: unassigned at gcc dot gnu.org
          Reporter: msebor at gcc dot gnu.org
  Target Milestone: ---

None of the obviously out-of-bounds stores in the functions below is diagnosed, even though in every case the destination object, its size, the offset, and the size of the stored value are all known at compile time. They all should be diagnosed, and easily could be. (Note for readers: the overflows are intentional — this is a compiler test case, not a pattern to copy.)

/* Types used by the test cases below.  __INT64_TYPE__ is GCC's predefined
   macro for the 64-bit signed integer type, so no header is needed.  */
typedef __INT64_TYPE__ int64_t;
/* 8-byte and 64-byte char vectors: each is a single object whose store
   size (8 or 64 bytes) exceeds the one-byte destination arrays below.  */
typedef __attribute__ ((__vector_size__ (8))) char V8;
typedef __attribute__ ((__vector_size__ (64))) char V64;

/* Test case: an 8-byte scalar store into a 1-byte array at offset 0.
   The overflow is deliberate and the expected outcome is a compile-time
   diagnostic; the cast goes through a void* so the compiler must track
   the pointed-to object rather than rely on the declared type of `a`.
   Runtime behavior is undefined (7 bytes are written past the end of
   `a`, and the int64_t access to a char object is also misaligned on
   strict-alignment targets).  The __builtin_puts call only keeps `a`
   live; since `a` is never NUL-terminated, puts may read past it too.  */
void f0 (int i)
{
  char a[1];
  void *p = a;
  *(int64_t*)p = i;   // storing 8 bytes into a one-byte array
  __builtin_puts (a);
}

/* Test case: an 8-byte scalar store into a 1-byte array at a non-zero
   offset.  The clamp leaves `i` in [1, 2], so `a + i` is at best the
   one-past-the-end pointer (i == 1) and otherwise already beyond the
   object; every store is therefore entirely out of bounds.  A compiler
   that tracks the clamped range of `i` has enough information to warn.
   The overflow is intentional; the function is not safe to execute.  */
void f1 (int i)
{
  char a[1];
  if (i < 1 || 2 < i) i = 1;
  void *p = a + i;
  *(int64_t*)p = i;   // storing 8 bytes at offset 1 (or 2) into a one-byte array
  __builtin_puts (a);
}

/* Test case: same shape as f0, but the stored value is an 8-byte char
   vector (V8) instead of an integer scalar, so the diagnostic must
   consider vector stores as well.  Writes 7 bytes past the end of `a`;
   deliberately undefined at runtime.  */
void g0 (int i)
{
  char a[1];
  void *p = a;
  *(V8*)p = (V8){ i };   // storing 8 bytes into a one-byte array
  __builtin_puts (a);
}

/* Test case: same shape as f1, but storing a 64-byte char vector (V64)
   at offset 1 or 2 of a 1-byte array, i.e. the entire 64-byte store
   lands outside the object.  Intentionally undefined; the expected
   result is a compile-time warning, not execution.  */
void g1 (int i)
{
  char a[1];
  if (i < 1 || 2 < i) i = 1;
  void *p = a + i;
  *(V64*)p = (V64){ i };   // storing 64 bytes at offset 1 (or 2) into a one-byte array
  __builtin_puts (a);
}
