[llvm-bugs] [Bug 45144] New: __builtin_dump_struct buffer overrun with types it doesn't handle
via llvm-bugs
llvm-bugs at lists.llvm.org
Sat Mar 7 12:04:20 PST 2020
https://bugs.llvm.org/show_bug.cgi?id=45144
Bug ID: 45144
Summary: __builtin_dump_struct buffer overrun with types it doesn't handle
Product: clang
Version: 9.0
Hardware: PC
OS: All
Status: NEW
Severity: enhancement
Priority: P
Component: C++
Assignee: unassignedclangbugs at nondot.org
Reporter: ndkrempel at gmail.com
CC: blitzrakete at gmail.com, dgregor at apple.com, erik.pilkington at gmail.com, llvm-bugs at lists.llvm.org, richard-llvm at metafoo.co.uk
The following program:
#include <cstdio>

struct Foo {
    short a[1];
};

int main() {
    Foo f = {2};
    __builtin_dump_struct(&f, &std::printf);
}
prints out garbage data from clang's memory:
struct Foo {
    short [1] a : 0x315b2074726f0002
}
The "0002" on the end is the valid data, the rest is presumably whatever
happened to be in the compiler's memory afterwards.
A similar thing happens with any field type that __builtin_dump_struct doesn't
understand - it prints out 8 bytes (or maybe 4 bytes on a 32-bit system) of
data, regardless of the actual size of the field.
Reproduced on clang 9.0.0 and trunk. Didn't seem to occur on 7.0.0 and 8.0.0
but that could have just been getting lucky that the extra bytes displayed were
all 0.
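As an added illustration (not part of the bug report or of clang), the C program below contrasts a dump routine that always reads 8 bytes from a field, which is the behaviour the report describes, with one that reads exactly sizeof the field. The struct Probe with its canary padding, and the helper names, are constructed for this example; the canary keeps the 8-byte read inside the object so the program itself has no out-of-bounds access.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Constructed probe (not from the report): the report's 2-byte field
 * followed by a canary so we can see which bytes a dump really read. */
struct Probe {
    short a[1];            /* same field as the report's struct Foo */
    unsigned char pad[6];  /* canary, filled with 0xAA by init_probe */
};

enum { CANARY = 0xAA, FIXED_WIDTH = 8 };

/* Render n bytes starting at p as lowercase hex into out (2*n+1 bytes). */
static void hex_bytes(const unsigned char *p, size_t n, char *out) {
    for (size_t i = 0; i < n; i++)
        sprintf(out + 2 * i, "%02x", p[i]);
}

/* Mimics the defect: always reads FIXED_WIDTH bytes from the field,
 * regardless of its real size. Stays inside Probe thanks to pad. */
void dump_fixed_width(const struct Probe *s, char *out) {
    hex_bytes((const unsigned char *)s->a, FIXED_WIDTH, out);
}

/* Correct behaviour: read exactly sizeof the field, nothing after it. */
void dump_sized(const struct Probe *s, char *out) {
    hex_bytes((const unsigned char *)s->a, sizeof s->a, out);
}

/* Count canary bytes that leaked into a hex dump (each "aa" byte pair). */
int leaked_canary_bytes(const char *hex) {
    int n = 0;
    for (size_t i = 0; hex[i] && hex[i + 1]; i += 2)
        if (hex[i] == 'a' && hex[i + 1] == 'a') n++;
    return n;
}

/* Field value 2 (as in the report), everything after it is canary. */
void init_probe(struct Probe *s) {
    memset(s, CANARY, sizeof *s);
    s->a[0] = 2;
}

int main(void) {
    struct Probe s; char hex[2 * FIXED_WIDTH + 1];
    init_probe(&s);
    dump_fixed_width(&s, hex);
    printf("fixed-width: %s (%d canary bytes leaked)\n", hex, leaked_canary_bytes(hex));
    dump_sized(&s, hex);
    printf("sized      : %s (%d canary bytes leaked)\n", hex, leaked_canary_bytes(hex));
    return 0;
}
```

The fixed-width dump shows six canary bytes after the real 2-byte value, which is the same pattern as the trailing garbage in the report's output; the sized dump shows only the field.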