RFR: 8247732: validate user-input intrinsic_ids in ControlIntrinsic [v3]
Xin Liu
xliu at openjdk.java.net
Tue Nov 24 07:00:57 UTC 2020
On Fri, 20 Nov 2020 08:48:28 GMT, Nils Eliasson <neliasso at openjdk.org> wrote:
>> Xin Liu has updated the pull request with a new target base due to a merge or a rebase. The pull request now contains two commits:
>>
>> - 8247732: validate user-input intrinsic_ids in ControlIntrinsic
>>
>> avoid a warning of stringop-overflow
>> - 8247732: validate user-input intrinsic_ids in ControlIntrinsic
>
> src/hotspot/share/compiler/compilerDirectives.hpp line 198:
>
>> 196: if (vmIntrinsics::_none == vmIntrinsics::find_id(*iter)) {
>> 197: _bad = NEW_C_HEAP_ARRAY(char, strlen(*iter) + 1, mtCompiler);
>> 198: strncpy(_bad, *iter, strlen(*iter) + 1);
>
> This doesn't compile. Using strlen as an argument to strncpy is disallowed.
>
>> "warning: 'char* __builtin_strncpy(char*, const char*, long unsigned int)' specified bound depends on the length of the source argument [-Wstringop-overflow=]"
>
> Do a min between strlen and the maximum allowed length.
>
> Fix this for both uses of the string length (row 197 and 198).
hi, @neliasso,
I update my toolchain from g++-8 to g++-10 and successfully reproduce this issue.
I have updated my code to fix it. Actually, only one line is modified.
@@ -195,7 +195,7 @@ class ControlIntrinsicValidator {
for (ControlIntrinsicIter iter(option, disabled_all); *iter != NULL && _valid; ++iter) {
if (vmIntrinsics::_none == vmIntrinsics::find_id(*iter)) {
_bad = NEW_C_HEAP_ARRAY(char, strlen(*iter) + 1, mtCompiler);
- strncpy(_bad, *iter, strlen(*iter) + 1);
+ strcpy(_bad, *iter);
_valid = false;
}
}
The change has passed all regression test. I don't know why the table above doesn't update.
https://github.com/navyxliu/jdk/actions/runs/375913238
Could you take a look my patch, again?
-------------
PR: https://git.openjdk.java.net/jdk/pull/1179
More information about the hotspot-compiler-dev
mailing list