From 876cdf517d1c464ce3d8f7eaf4199565e5592f16 Mon Sep 17 00:00:00 2001 From: Stefan Liebler Date: Fri, 3 Jun 2022 14:52:51 +0200 Subject: Avoid -Wstringop-overflow= warning in iconv module. MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit On s390x when compiling with GCC 12, I get this warning: utf8-utf16-z9.c: ../iconv/loop.c: In function ‘__from_utf8_loop_etf3eh_single’: ../iconv/loop.c:445:22: error: writing 1 byte into a region of size 0 [-Werror=stringop-overflow=] 445 | bytebuf[inlen++] = *inptr++; | ~~~~~~~~~~~~~~~~~^~~~~~~~~~ ../iconv/loop.c:381:17: note: at offset 4 into destination object ‘bytebuf’ of size 4 381 | unsigned char bytebuf[MAX_NEEDED_INPUT]; | ^~~~~~~ ../iconv/loop.c:445:22: error: writing 1 byte into a region of size 0 [-Werror=stringop-overflow=] 445 | bytebuf[inlen++] = *inptr++; | ~~~~~~~~~~~~~~~~~^~~~~~~~~~ ../iconv/loop.c:381:17: note: at offset 5 into destination object ‘bytebuf’ of size 4 381 | unsigned char bytebuf[MAX_NEEDED_INPUT]; | ^~~~~~~ This patch tells the compiler that inend is always behind inptr which avoids the warning. Note that the SINGLE function is only used to implement the mb*towc*() or wc*tomb*() functions. Those functions use inptr and inend pointing to a variable on stack, compute the inend pointer or explicitly check the arguments which always leads to inptr < inend. Special notes for backporters (according to Siddhesh Poyarekar): If someone wants to backport this patch to release branches, they should also backport the following wcrtomb change. Otherwise the assumptions assumed by this patch are not true. commit 9bcd12d223a8990254b65e2dada54faa5d2742f3 Author: Siddhesh Poyarekar Date: Fri May 13 19:10:15 2022 +0530 wcrtomb: Make behavior POSIX compliant Reviewed-by: Siddhesh Poyarekar --- iconv/loop.c | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) (limited to 'iconv') diff --git a/iconv/loop.c b/iconv/loop.c index f8727a637a..09ade3b765 100644 --- a/iconv/loop.c +++ b/iconv/loop.c @@ -435,11 +435,17 @@ SINGLE(LOOPFCT) (struct __gconv_step *step, return __GCONV_FULL_OUTPUT; /* Now add characters from the normal input buffer. */ - if (inlen >= MAX_NEEDED_INPUT) + if (inlen >= MAX_NEEDED_INPUT || inptr >= inend) /* Avoid a -Wstringop-overflow= warning when this loop is unrolled. The compiler cannot otherwise see that this is unreachable because it depends on (state->__count & 7) not - being too large after a previous conversion step. */ + being too large after a previous conversion step. + Starting with GCC 12, we also have mark the inptr >= inend + case as unreachable to omit the warning. Note that this SINGLE + function is only used to implement the mb*towc*() or wc*tomb*() + functions. Those functions use inptr and inend pointing to a + variable on stack, compute the inend pointer or explicitly check + the arguments which always leads to inptr < inend. */ __builtin_unreachable (); do bytebuf[inlen++] = *inptr++; -- cgit v1.2.3