On Wed, Sep 07, 2022 at 12:36:22PM +0200, Alex Ernst via Gcc-bugs wrote:
> $ gcc -v
> gcc version 10.2.1 20210110 (Debian 10.2.1-6)
> 
> $ clang -v
> Debian clang version 11.0.1-2
> 
> $ cat hello.c
> int i;main(){for(;i["]<i;++i){--i;}"];read('-'-'-',i+++"Hell\
> o, world!\n",'/'/'/'));}read(j,i,p){write(j/p+p,i---j,i/i);}

Garbage in, garbage out.  This invokes UB in several spots.
One is that read has the second argument implicitly int, you pass
a const char * argument to it and because write is also unprototyped,
the second argument to it is also int.  Expecting that it passes
in the full pointer is wrong, it "happens to work" on most 32-bit
targets where pointers are the same size as integers and if they
are passed the same way.
This can be fixed by adding char*i; before {write,
but you need to change i/i to p/p or something similar because
you can't divide pointers.
But once you do that, there is another UB, i-- on the first iteration
is invalid pointer arithmetic - "Hello, world!\n"-1.

        Jakub
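
Added example, not part of the original message or of the reporter's program: a prototyped rewrite of the same one-byte-per-iteration loop with the pointer parameter declared as a pointer, a plain count of 1, and no decrement before the start of the string, next to a check of whether a pointer survives being narrowed to int width. The names `survives_int_width`, `put_char`, `hello`, `counter` and `message` are assumptions made for this illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>

/* The original loop runs while i["]<i;++i){--i;}"] is non-zero, i.e. once
   per character of this 14-character string. */
static const char counter[] = "]<i;++i){--i;}";
static const char message[] = "Hello, world!\n";

/* Does pointer p keep its value when squeezed through an int-sized
   integer, the width an implicitly-int parameter has? The check goes
   through uintptr_t so that it is itself well defined. */
static int survives_int_width(const void *p)
{
    uintptr_t full = (uintptr_t)p;
    return (uintptr_t)(unsigned int)full == full;
}

/* Prototyped stand-in for the original read(j,i,p): the second parameter
   is declared as a pointer, the count is a plain 1 instead of i/i, and
   there is no i-- stepping before the start of the string. */
static ssize_t put_char(int fd, const char *s)
{
    return write(fd, s, 1);
}

/* Writes the message one byte per iteration, like the original loop.
   Returns the number of bytes written, or -1 on a write error. */
static ssize_t hello(int fd)
{
    ssize_t total = 0;
    for (size_t i = 0; counter[i] != '\0'; ++i) {
        if (put_char(fd, message + i) != 1)
            return -1;
        ++total;
    }
    return total;
}

int main(void)
{
    fprintf(stderr, "pointer fits in int here: %d\n",
            survives_int_width(message));
    return hello(STDOUT_FILENO) == 14 ? 0 : 1;
}
```

Building the reporter's original file with `-Wall` makes both compilers warn about the implicit `int` declarations and the pointer-to-integer conversion that the reply describes.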
