[Bug lto/41550] Fix security and portability issues in lto-plugin

2010-04-23 Thread rguenth at gcc dot gnu dot org 


--- Comment #6 from rguenth at gcc dot gnu dot org  2010-04-23 15:49 ---
,


-- 

rguenth at gcc dot gnu dot org changed:

   What|Removed |Added

 Status|ASSIGNED|RESOLVED
 Resolution||FIXED


http://gcc.gnu.org/bugzilla/show_bug.cgi?id=41550

[Bug lto/41550] Fix security and portability issues in lto-plugin

2010-04-23 Thread rguenth at gcc dot gnu dot org 


--- Comment #5 from rguenth at gcc dot gnu dot org  2010-04-23 15:49 ---
Subject: Bug 41550

Author: rguenth
Date: Fri Apr 23 15:49:10 2010
New Revision: 158673

URL: http://gcc.gnu.org/viewcvs?root=gcc&view=rev&rev=158673
Log:
2010-04-23  Richard Guenther  

PR lto/41550
* lto-plugin.c (parse_table_entry): Use xstrdup and xrealloc.
(translate): Likewise.
(all_symbols_read_handler): Likewise.
(claim_file_handler): Likewise.
(process_option): Likewise.
(add_output_files): Likewise.  Remove filename length limit.

Modified:
trunk/lto-plugin/ChangeLog
trunk/lto-plugin/lto-plugin.c


-- 


http://gcc.gnu.org/bugzilla/show_bug.cgi?id=41550

[Bug lto/41550] Fix security and portability issues in lto-plugin

2010-04-23 Thread rguenth at gcc dot gnu dot org 


--- Comment #4 from rguenth at gcc dot gnu dot org  2010-04-23 15:49 ---
Fixed.


-- 

rguenth at gcc dot gnu dot org changed:

   What|Removed |Added

  Known to fail||4.5.0
   Target Milestone|--- |4.6.0


http://gcc.gnu.org/bugzilla/show_bug.cgi?id=41550

[Bug lto/41550] Fix security and portability issues in lto-plugin

2010-04-23 Thread rguenth at gcc dot gnu dot org 


--- Comment #3 from rguenth at gcc dot gnu dot org  2010-04-23 15:05 ---
I have patches.


-- 

rguenth at gcc dot gnu dot org changed:

   What|Removed |Added

 AssignedTo|espindola at google dot com |rguenth at gcc dot gnu dot
   ||org
 Status|UNCONFIRMED |ASSIGNED
 Ever Confirmed|0   |1
   Last reconfirmed|-00-00 00:00:00 |2010-04-23 15:05:28
   date||


http://gcc.gnu.org/bugzilla/show_bug.cgi?id=41550

[Bug lto/41550] Fix security and portability issues in lto-plugin

2009-10-31 Thread rguenth at gcc dot gnu dot org 


--- Comment #2 from rguenth at gcc dot gnu dot org  2009-10-31 13:11 ---
Some things were fixed.  Still open are

> +/* Pass files generated by the lto-wrapper to the linker. FD is lto-wrapper's
> +   stdout. */
> +
> +static void
> +add_output_files (FILE *f)
> +{
> +  char fname[1000]; /* FIXME: Is this big enough? */

I don't know what sort of strings go there, but if they can be filenames 
with user-controlled components then the GNU Coding Standards say to avoid 
arbitrary limits.

> +  output_files = realloc (output_files, num_output_files * sizeof (char 
> *));
> +  output_files[num_output_files - 1] = strdup (s);

Use xrealloc and xstrdup.  Other places have the same issue with realloc 
or calloc or strdup.


Also there are still asserts that look fishy.

  assert (lto_wrapper_argv);

  temp_obj_dir_name = strdup ("tmp_objectsXX");
  t = mkdtemp (temp_obj_dir_name);
  assert (t == temp_obj_dir_name);

(see also PR39023)


-- 


http://gcc.gnu.org/bugzilla/show_bug.cgi?id=41550

[Bug lto/41550] Fix security and portability issues in lto-plugin

2009-10-03 Thread rguenth at gcc dot gnu dot org 


--- Comment #1 from rguenth at gcc dot gnu dot org  2009-10-03 22:16 ---
See also PR39023.


-- 

rguenth at gcc dot gnu dot org changed:

   What|Removed |Added

   Keywords||build


http://gcc.gnu.org/bugzilla/show_bug.cgi?id=41550