On 12/8/24 10:17 AM, Richard Biener wrote:
Note you picked a difficult patch - as said, the atoi fix looks OK to
me, even if
it doesn't solve downstream issues. Can you split that out so I can
approve that
separately?
Thanks for your insights. I am a bit relieved that I don't have to
handle all of the fallout.
PR c/114541
* gimple-parser.cc (c_parser_gimple_parse_bb_spec):
Use strtoul with ERANGE check instead of atoi to avoid UB
and detect invalid __BB#. The full treatment of these invalid
values was considered out of scope for this patch.
Signed-off-by: Heiko Eißfeldt <he...@hexco.de>
diff --git a/gcc/c/gimple-parser.cc b/gcc/c/gimple-parser.cc
index 78e85d93487..b018bb6afb6 100644
--- a/gcc/c/gimple-parser.cc
+++ b/gcc/c/gimple-parser.cc
@@ -133,11 +133,21 @@ c_parser_gimple_parse_bb_spec (tree val, int *index)
{
if (!startswith (IDENTIFIER_POINTER (val), "__BB"))
return false;
- for (const char *p = IDENTIFIER_POINTER (val) + 4; *p; ++p)
- if (!ISDIGIT (*p))
- return false;
- *index = atoi (IDENTIFIER_POINTER (val) + 4);
- return *index > 0;
+
+ const char *bb = IDENTIFIER_POINTER (val) + 4;
+ if (! ISDIGIT (*bb))
+ return false;
+
+ char *pend;
+ errno = 0;
+ const unsigned long number = strtoul (bb, &pend, 10);
+ if (errno == ERANGE
+ || *pend != '\0'
+ || number > INT_MAX)
+ return false;
+
+ *index = number;
+ return true;
}
/* See if VAL is an identifier matching __BB<num> and return <num>
