[clang] [Clang] Fix __builtin_dynamic_object_size off by 4 (PR #111015)
Bill Wendling via cfe-commits
cfe-commits at lists.llvm.org
Mon Oct 7 17:24:05 PDT 2024
bwendling wrote:
> After looking at the assembly produced by gcc more, it actually looks like it's using the allocation size if it's known in the current context (for example if the struct was just malloced in the same function) and otherwise returns INT_MAX for the __bdos of a struct containing a flexible array member. It's only returning the size based on the __counted_by attribute if you ask it for the __bdos of the flexible array member itself.
>
> ```c
> int test(struct posix_acl *acl) {
>     return __builtin_dynamic_object_size(acl, 0);
> }
> ```
>
> actually compiles to
>
> ```
> test:
> mov eax, -1
> ret
> ```
>
> using gcc (trunk) on compiler explorer.
I think this is because GCC hasn't (yet) modified their version of `__builtin_dynamic_object_size` to use the `counted_by` attribute. If you were to write code that intentionally modified beyond the FAM element, does GCC's sanitizer catch it?
https://github.com/llvm/llvm-project/pull/111015