[Bug sanitizer/98608] New: missing sanitizer detection for arrays with invalid length defind using typeof

muecker at gwdg dot de via Gcc-bugs Fri, 08 Jan 2021 13:39:32 -0800

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=98608


            Bug ID: 98608
           Summary: missing sanitizer detection for arrays with invalid
                    length defind using typeof
           Product: gcc
           Version: 11.0
            Status: UNCONFIRMED
          Severity: normal
          Priority: P3
         Component: sanitizer
          Assignee: unassigned at gcc dot gnu.org
          Reporter: muecker at gwdg dot de
                CC: dodji at gcc dot gnu.org, dvyukov at gcc dot gnu.org,
                    jakub at gcc dot gnu.org, kcc at gcc dot gnu.org, marxin at 
gcc dot gnu.org
  Target Milestone: ---

The following invalid code is not detected with -fsanitize=undefined

void f(int n, double (*x)[n])
{
        typeof(*x) y;
//      double y[n];
}

int main()
{
        f(-1, 0);
}

Using the definition without typedef yields:

src/test.c:5:9: runtime error: variable length array bound evaluates to
non-positive value -1

[Bug sanitizer/98608] New: missing sanitizer detection for arrays with invalid length defind using typeof

Reply via email to