From patchwork Thu Dec  5 00:41:37 2024
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Patchwork-Submitter: =?utf-8?q?Heiko_Ei=C3=9Ffeldt?= <heiko@hexco.de>
X-Patchwork-Id: 2018574
Return-Path: <gcc-patches-bounces~incoming=patchwork.ozlabs.org@gcc.gnu.org>
X-Original-To: incoming@patchwork.ozlabs.org
Delivered-To: patchwork-incoming@legolas.ozlabs.org
Authentication-Results: legolas.ozlabs.org;
	dkim=fail reason="signature verification failed" (2048-bit key;
 unprotected) header.d=hexco.de header.i=heiko@hexco.de header.a=rsa-sha256
 header.s=s1-ionos header.b=Kx19CUSN;
	dkim-atps=neutral
Authentication-Results: legolas.ozlabs.org;
 spf=pass (sender SPF authorized) smtp.mailfrom=gcc.gnu.org
 (client-ip=2620:52:3:1:0:246e:9693:128c; helo=server2.sourceware.org;
 envelope-from=gcc-patches-bounces~incoming=patchwork.ozlabs.org@gcc.gnu.org;
 receiver=patchwork.ozlabs.org)
Received: from server2.sourceware.org (server2.sourceware.org
 [IPv6:2620:52:3:1:0:246e:9693:128c])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature ECDSA (secp384r1) server-digest SHA384)
	(No client certificate requested)
	by legolas.ozlabs.org (Postfix) with ESMTPS id 4Y3bX55ZKSz1yQl
	for <incoming@patchwork.ozlabs.org>; Thu,  5 Dec 2024 11:55:00 +1100 (AEDT)
Received: from server2.sourceware.org (localhost [IPv6:::1])
	by sourceware.org (Postfix) with ESMTP id 3272C3858D35
	for <incoming@patchwork.ozlabs.org>; Thu,  5 Dec 2024 00:54:57 +0000 (GMT)
DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org 3272C3858D35
Authentication-Results: sourceware.org;
	dkim=fail reason="signature verification failed" (2048-bit key,
 unprotected) header.d=hexco.de header.i=heiko@hexco.de header.a=rsa-sha256
 header.s=s1-ionos header.b=Kx19CUSN
X-Original-To: gcc-patches@gcc.gnu.org
Delivered-To: gcc-patches@gcc.gnu.org
Received: from mout.kundenserver.de (mout.kundenserver.de [217.72.192.74])
 by sourceware.org (Postfix) with ESMTPS id 0B6D33858D28
 for <gcc-patches@gcc.gnu.org>; Thu,  5 Dec 2024 00:53:50 +0000 (GMT)
DMARC-Filter: OpenDMARC Filter v1.4.2 sourceware.org 0B6D33858D28
Authentication-Results: sourceware.org;
 dmarc=none (p=none dis=none) header.from=hexco.de
Authentication-Results: sourceware.org; spf=pass smtp.mailfrom=hexco.de
ARC-Filter: OpenARC Filter v1.0.0 sourceware.org 0B6D33858D28
Authentication-Results: server2.sourceware.org;
 arc=none smtp.remote-ip=217.72.192.74
ARC-Seal: i=1; a=rsa-sha256; d=sourceware.org; s=key; t=1733360031; cv=none;
 b=Dqb61kRX8QXNgoZwvMhoOOjIc537nTLyQ5xdnrKgh6DBEzpFs+8yG002SvZFG5q2bTX9hhrOz5iumCscfQ56SLAU9UQtZK2a64asIGxgzjzT285gyLtqSIzXq8I1vf8oX6DEnM9aRFXWhvXBAH4SL9+tPqdT7xSI9Cn4clhKPIA=
ARC-Message-Signature: i=1; a=rsa-sha256; d=sourceware.org; s=key;
 t=1733360031; c=relaxed/simple;
 bh=6sg3KStm8bUGgt03GTWc1MO1nzZ4bOvrpZaSqk9GdMg=;
 h=DKIM-Signature:Message-ID:Date:MIME-Version:To:From:Subject;
 b=QJxODieA8fdZhwmQA++RmYo9IKDtl/x3IgPvaoD7+fF7wkxz8/NY4QOK5TY3SaLHfhxObDY6Os10IbP0pEUnANnmPpqEqsdapszmNY/21w8VOb+1rmQ3RVU5zKNTc1oOpbgGZdSAUVhZnKL35hE4QcwGh65V9//susRPWnc66RI=
ARC-Authentication-Results: i=1; server2.sourceware.org
DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org 0B6D33858D28
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=hexco.de;
 s=s1-ionos; t=1733360029; x=1733964829; i=heiko@hexco.de;
 bh=FvGFhIvUraTD6nOHQEJtSmQSjsaRKf+96Ai0d5D2YD0=;
 h=X-UI-Sender-Class:Content-Type:Message-ID:Date:MIME-Version:To:
 From:Subject:cc:content-transfer-encoding:content-type:date:from:
 message-id:mime-version:reply-to:subject:to;
 b=Kx19CUSNuWYLcZRvvqlLFfNHOfd004oUe8oGd3CbM6Q4VjcuA8kYFUGbSK2tTt6n
 PoU++FpfDncHd/s2sC1IIFxTvOaX9Xj4RyJx5u6k2SMt8zUBt/r3NcM2IZ0Zp6XP8
 G5tFJ1IPXqsyRB/LTbcVBttbkC87AB7gGFAMbFxsmHuiMFqTw4q442K8BaWhntte2
 XexMXjSZXmeWDSFTmeMZa3Q3YjWWFuw7WWJVNNK2S2NO7HZSLKG8q8BR121IX2ZKi
 znFFZ6dMlOmP4FKA8uBMjq1U3642lwSvXphWr6Hc66IMjX826qtBdI3eY6zeb3Ph7
 uvp9EGh5uKJrE48J7Q==
X-UI-Sender-Class: 55c96926-9e95-11ee-ae09-1f7a4046a0f6
Received: from [192.168.178.51] ([89.182.200.192]) by mrelayeu.kundenserver.de
 (mreue106 [212.227.15.183]) with ESMTPSA (Nemesis) id
 1MGyl3-1tOAve0WB9-0016RG for <gcc-patches@gcc.gnu.org>; Thu, 05 Dec 2024
 01:53:49 +0100
Message-ID: <8b3ea7a3-9c7d-4906-bc0b-59b1c5eba45c@hexco.de>
Date: Thu, 5 Dec 2024 01:41:37 +0100
MIME-Version: 1.0
User-Agent: Mozilla Thunderbird
Content-Language: en-US
To: gcc-patches@gcc.gnu.org
From: =?utf-8?q?Heiko_Ei=C3=9Ffeldt?= <heiko@hexco.de>
Subject: [PATCH] Invalid gimple __BB# accepted due to usage of atoi -> replace
 atoi with stroul in c_parser_gimple_parse_bb_spec [PR114541]
Autocrypt: addr=heiko@hexco.de; keydata=
 xjMEZ0YwxxYJKwYBBAHaRw8BAQdAgjCILZUWIgzJKeQ802aXg9w6wUzR5e66eS/awyJfN07N
 IEhlaWtvIEVpw59mZWxkdCA8aGVpa29AaGV4Y28uZGU+wpkEExYKAEECGwMFCwkIBwICIgIG
 FQoJCAsCBBYCAwECHgcCF4AWIQSVtx0YkfZMvfmvP6dsW14t6dGB4gUCZ0YxrQUJK0GxaQAK
 CRBsW14t6dGB4lv+AP0bCrxxXALJGg0fazPjnTQWD4qNyt2tfmTWiFLbHx/3GQD/ZfE0f/ZC
 poXDxeERkchqsiykocK009rKau7Kzd7iYw7OOARnRjDHEgorBgEEAZdVAQUBAQdAJREqxbTK
 SCPvZ55HxGmk+8bA7V2DXV3sIYF3SY8yHEADAQgHwn4EGBYKACYCGwwWIQSVtx0YkfZMvfmv
 P6dsW14t6dGB4gUCZ0Y0KAUJJZ6g4QAKCRBsW14t6dGB4g7EAP9YsaAvf/VS3Y1Au1Ue7L33
 eI5dGh8paTVRFpcbWFJacgD9EvVhTdq/3ucCNkStTUXVvrDq9nDs2zkGa/LecAy0mAw=
X-Provags-ID: V03:K1:+uvrKeazLLxtN2/FZotFsrQQKSm215GqImVtbRj9xUWPuDHjdUV
 t/HDdB3tkk3YEo7qZPWDuXXeHRChH1jlQlng0nsWFLesMwZ0gp5dJ/BfMY+EuQWcNc6DBoR
 cAfk55f7q1kWBQVScM0sxwhmm5LcwcmN391hox3r7BZQ+yv3MzTw0+fMZ+/ymTzl3luuzw4
 PegI4Y4XPaB997usjT4hw==
UI-OutboundReport: notjunk:1;M01:P0:5UZ5ARNc7RU=;0lRq2gW2zvCq55zXfz4othdAGOr
 ude2+7tCHEqPo88rMmFCRRW7aICJK7XiuYsnkTuBOnA0fVUFeLVWBvSbp4spuw7GwJYd5FImd
 JnVBCaGGaqAwbqYk6KIzYeF9HYY7uCR88yBACWIQONa+fHnMQX9nK3f+yqkzCgPv9F8lMZFHS
 wfF7bKw8I5lGrN7sVjiBz1bBeKGQVmdY7mpQCpTN2PuK8+D6WjBcf1SQjvhwy9PAi8uLZ2/Fm
 qsvKnsScVdGJQwZ7ofDQHM2a2nStj33H0VkKQ/S5W+7reml6oBVfyW7GMnKCZtadqbA4PaW3i
 nQT/Y6X17nnmqIjDYNpc2yiU5ju9P46biXtcGUNUo3chAarZoSQISSIE+XZFV3gSe1MnI2r3K
 15AvG1P9h/JMFHhY2KsoR1HWzyPlNIMBzwvSHpkRFI3ZycRjtyGlsFqwHblL/0DkGh1tU5IT0
 R3oq8VrJ5UBdBQs420bAvgZPG73Q/loIDELHoXofFCcfugvFqjF67JKo4t2+1F2wDulNLkzbQ
 5CORGv9f8MWdsKs28opy5yc2tJWfv9+vFj43y52MR7CBUmCN4/vhxuTWA+mrb0GOacEDieu+A
 I6cvk84Gf7z8U1cjOTzX1x1mAI2S96/V6RvmrtB/KWlzTEZ2gGXkL7Uw6Q73NKmLJCFJaneY0
 /E5VCxbQ06ZT+9GX/Zmadb4taWUwfCY5PlcKlEuIq/kxeDWj2Vk7PnmnxHDsMxdrRwXM+XdiE
 UsfRQycEtrjxYP5G2mx0B9ryGRvCfevJfmK/oqIloc/bFaxlmR9/raGp7g6tvcDgj9KzHIToj
 zT+QyflKpfqYF/+76/NwiS2kM12Ehb42hbayx/DjK4EKR3gDGtPU/m8oZRnmaiF+BILhJIYLo
 PS8FbdoKseX8QeWIgAhGEfOHhQo7m2dC1xa7HodbIAUWMlYD8KknKPzOM3iJJbYoPP3goTx81
 lPpD6GMnYlbHURHufJJ4zJb6DyreIFRae1VHu8QpKCnQpaPSOkM+6Wm0kqgpkMDXx2tJ+fQZF
 VxBqXhEw4bSAC5QmWw=
X-BeenThere: gcc-patches@gcc.gnu.org
X-Mailman-Version: 2.1.30
Precedence: list
List-Id: Gcc-patches mailing list <gcc-patches.gcc.gnu.org>
List-Unsubscribe: <https://gcc.gnu.org/mailman/options/gcc-patches>,
 <mailto:gcc-patches-request@gcc.gnu.org?subject=unsubscribe>
List-Archive: <https://gcc.gnu.org/pipermail/gcc-patches/>
List-Post: <mailto:gcc-patches@gcc.gnu.org>
List-Help: <mailto:gcc-patches-request@gcc.gnu.org?subject=help>
List-Subscribe: <https://gcc.gnu.org/mailman/listinfo/gcc-patches>,
 <mailto:gcc-patches-request@gcc.gnu.org?subject=subscribe>
Errors-To: gcc-patches-bounces~incoming=patchwork.ozlabs.org@gcc.gnu.org

As commented in PR114541 here is a first patch that
1. replaces atoi() with strtoul() with ERANGE checking and
2. fixes the handling of misparsed gimple compounds to return early.
3. adds two new test cases.

There is more work to do for Andrews testcase to succeed, so PR114541
is not done yet.

===

Replace atoi() with strtoul() with ERANGE checking.

The function c_parser_gimple_parse_bb_spec uses atoi,
which can silently return valid numbers even for
some too large numbers in the string.

Furthermore in function c_parser_parse_gimple_body
handle the case of gimple compound statement errors
more generically. In the case of cdil != cdil_gimple
now consider them as errors and return early.
This avoids further processing with erroneous data.

2024-12-05 Heiko Eißfeldt <heiko@hexco.de>

	PR c/114541
	* gimple-parser.cc (c_parser_gimple_parse_bb_spec):
	Use strtoul with ERANGE check instead of atoi

	* gimple-parser.cc (c_parser_parse_gimple_body):
	separate check for errors in c_parser_gimple_compound_statement
	and special handling of cdil == cdil_gimple to allow
	a return in case of errors for cdil != cdil_gimple

	* gcc.dg/pr114541-else-BB#-and-garbagechar.c: New test.
	* gcc.dg/pr114541-then-BB#-and-garbagechar.c: New test.


Signed-off-by: Heiko Eißfeldt <heiko@hexco.de>
Signed-off-by: Heiko Eißfeldt <heiko@hexco.de>
Signed-off-by: Heiko Eißfeldt <heiko@hexco.de>
Signed-off-by: Heiko Eißfeldt <heiko@hexco.de>

diff --git a/gcc/c/gimple-parser.cc b/gcc/c/gimple-parser.cc
index 78e85d93487..21631fa02f5 100644
--- a/gcc/c/gimple-parser.cc
+++ b/gcc/c/gimple-parser.cc
@@ -133,11 +133,21 @@ c_parser_gimple_parse_bb_spec (tree val, int *index)
 {
   if (!startswith (IDENTIFIER_POINTER (val), "__BB"))
     return false;
-  for (const char *p = IDENTIFIER_POINTER (val) + 4; *p; ++p)
-    if (!ISDIGIT (*p))
-      return false;
-  *index = atoi (IDENTIFIER_POINTER (val) + 4);
-  return *index > 0;
+
+  const char *bb = IDENTIFIER_POINTER (val) + 4;
+  if (! ISDIGIT (*bb))
+    return false;
+
+  char *pend;
+  errno = 0;
+  const unsigned long number = strtoul (bb, &pend, 10);
+  if (errno == ERANGE
+      || *pend != '\0'
+      || number > INT_MAX)
+    return false;
+
+  *index = number;
+  return true;
 }
 
 /* See if VAL is an identifier matching __BB<num> and return <num>
@@ -250,11 +260,18 @@ c_parser_parse_gimple_body (c_parser *cparser, char *gimple_pass,
 	}
     }
 
-  if (! c_parser_gimple_compound_statement (parser, &seq)
-      && cdil == cdil_gimple)
+  if (! c_parser_gimple_compound_statement (parser, &seq))
     {
-      gimple *ret = gimple_build_return (NULL);
-      gimple_seq_add_stmt_without_update (&seq, ret);
+      if (cdil == cdil_gimple)
+	{
+	  gimple *ret = gimple_build_return (NULL);
+	  gimple_seq_add_stmt_without_update (&seq, ret);
+	}
+      else
+	{
+	  /* in case of syntax errors abort early */
+	  return;
+	}
     }
 
   tree block = pop_scope ();
diff --git a/gcc/testsuite/gcc.dg/pr114541-else-BB#-and-garbagechar.c b/gcc/testsuite/gcc.dg/pr114541-else-BB#-and-garbagechar.c
new file mode 100644
index 00000000000..4cb990f4423
--- /dev/null
+++ b/gcc/testsuite/gcc.dg/pr114541-else-BB#-and-garbagechar.c
@@ -0,0 +1,29 @@
+/* PR middle-end/114541 */
+/* { dg-do compile } */
+/* { dg-options "-fgimple" } */
+/* { dg-bogus "internal compiler error" } */
+
+void __GIMPLE (ssa,startwith ("dse2")) foo ()
+{
+  int a;
+
+__BB(2):
+  if (a_5(D) > 4)
+    goto __BB3;
+  else
+    goto __BB4&; /* { dg-error "expected ';' before" } */
+
+__BB(3):
+  a_2 = 10;
+  goto __BB5;
+
+__BB(4):
+  a_3 = 20;
+  goto __BB5;
+
+__BB(5):
+  a_1 = __PHI (__BB3: a_2, __BB4: a_3);
+  a_4 = a_1 + 4;
+
+return;
+}
diff --git a/gcc/testsuite/gcc.dg/pr114541-then-BB#-and-garbagechar.c b/gcc/testsuite/gcc.dg/pr114541-then-BB#-and-garbagechar.c
new file mode 100644
index 00000000000..bcb6a937283
--- /dev/null
+++ b/gcc/testsuite/gcc.dg/pr114541-then-BB#-and-garbagechar.c
@@ -0,0 +1,29 @@
+/* PR middle-end/114541 */
+/* { dg-do compile } */
+/* { dg-options "-fgimple" } */
+/* { dg-bogus "internal compiler error" } */
+
+void __GIMPLE (ssa,startwith ("dse2")) foo ()
+{
+  int a;
+
+__BB(2):
+  if (a_5(D) > 4)
+    goto __BB3&; /* { dg-error "expected ';' before" } */
+  else
+    goto __BB4;
+
+__BB(3):
+  a_2 = 10;
+  goto __BB5;
+
+__BB(4):
+  a_3 = 20;
+  goto __BB5;
+
+__BB(5):
+  a_1 = __PHI (__BB3: a_2, __BB4: a_3);
+  a_4 = a_1 + 4;
+
+return;
+}