Ping: https://gcc.gnu.org/ml/gcc-patches/2019-11/msg00812.html
On 11/11/19 6:27 PM, Martin Sebor wrote:
The attached patch extends the strlen pass to detect out-of-bounds accesses to memory allocated by calls to other allocation functions besides calloc and malloc, as well as VLAs, and user-defined functions declared with attribute alloc_size. There is some overlap with the _FORTIFY_SOURCE detection but thanks to the extensive use of ranges, this enhancement detects many more cases of overflow.

The solution primarily improves warnings but some of the changes also improve codegen in some cases as a side-effect. I hope to take better advantage of the optimization opportunities the dynamic memory tracking opens up (and also better buffer overflow and array out-of-bounds detection) in GCC 11.

Although the strlen pass already tracks some dynamic memory calls (calloc and malloc), rather than extending the same infrastructure (strinfo::stmt) to others I took the approach of adding a separate data member for the other calls (strinfo::alloc) and tracking those independently. I did this to keep the changes only minimally intrusive. In the future (post GCC 10) it might be worth considering merging both.

Besides introducing the new member and making use of it, the rest of the changes were prompted by weaknesses exposed by test cases involving dynamically allocated objects.

The patch is intended to apply on top of the two related patches posted last week ([1] and [2]). For all tests to pass it also expects the fix for PR 92412 posted earlier today ([3]).

Martin

[1] https://gcc.gnu.org/ml/gcc-patches/2019-11/msg00429.html
[2] https://gcc.gnu.org/ml/gcc-patches/2019-11/msg00652.html
[3] https://gcc.gnu.org/ml/gcc-patches/2019-11/msg00800.html
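
An added illustration, not taken from the patch or its test suite, of the kind of store the message describes: memory returned by a user-defined function declared with attribute alloc_size, a size known only as a range, and a copy that is too large for every value in that range, next to a bounded version. The names `pool_alloc`, `dup_tag_unchecked`, `copy_tag`, `dup_tag_checked` and the `SHOW_OVERFLOW` macro are hypothetical, and whether a particular GCC build diagnoses the unchecked copy is an assumption that depends on the patch being applied.

```c
#include <stddef.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical user-defined allocator. alloc_size(1) tells GCC that the
   returned object is n bytes long. */
__attribute__((malloc, alloc_size(1)))
void *pool_alloc(size_t n)
{
    return malloc(n);
}

#ifdef SHOW_OVERFLOW
/* n is only known as the range [1, 4], yet 8 bytes are stored: the object
   is too small for every value in the range. Compiled only on request. */
char *dup_tag_unchecked(size_t n)
{
    if (n < 1 || n > 4)
        n = 4;
    char *p = pool_alloc(n);
    if (p)
        strcpy(p, "1234567");
    return p;
}
#endif

/* Bounded copy: stores at most n bytes including the terminating NUL.
   Returns the number of bytes stored, or 0 if nothing could be stored. */
size_t copy_tag(char *dst, size_t n, const char *src)
{
    if (dst == NULL || src == NULL || n == 0)
        return 0;
    size_t len = 0;
    while (len < n - 1 && src[len] != '\0')
        len++;
    memcpy(dst, src, len);
    dst[len] = '\0';
    return len + 1;
}

/* Same allocation pattern with the copy clamped to the allocated size. */
char *dup_tag_checked(size_t n, const char *src)
{
    if (n < 1 || n > 4)
        n = 4;
    char *p = pool_alloc(n);
    if (copy_tag(p, n, src) == 0) { free(p); p = NULL; }
    return p;
}
```

Building with `-DSHOW_OVERFLOW -O2 -Wall` compiles the unchecked variant so the compiler's diagnostics for it can be inspected without running it.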