undefined behavior spotted in the source code of gtar

bug-tar

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

undefined behavior spotted in the source code of gtar

From:	Marc Espie
Subject:	undefined behavior spotted in the source code of gtar
Date:	Sun, 10 Sep 2023 19:42:29 +0200

In buffer.c, in the function drop_volume_label_suffix, around line
1583 the expression "p - (VOLUME_TEXT_LEN - 1)" is ill-defined
according to the C language model (since you can't create a pointer
that goes beyond the boundary of an allocation without triggering
UB).

It doesn't appear to CURRENTLY be a problem, but an aggressive
optimizing compiler that does value propagation would be perfectly
entitled to drop the test altogether:

label appears to always be storage allocated through xmalloc, p points
within that storage, and in order to be "well defined" that expression
CANNOT go below label, so the test could be flagged as always true.

The test could be rearranged as "p - label > VOLUME_TEXT_LEN-1"
which is well defined.

(might require a cast, since p - label is ptrdiff_t hence signed,
whereas VOLUME_TEXT_LEN is unsigned)

[Prev in Thread]

Current Thread

[Next in Thread]

undefined behavior spotted in the source code of gtar, Marc Espie <=
- Re: undefined behavior spotted in the source code of gtar, Paul Eggert, 2023/09/11

Prev by Date: Re: [PATCH] .gitmodules: switch to HTTPS
Next by Date: Re: undefined behavior spotted in the source code of gtar
Previous by thread: [PATCH] .gitmodules: switch to HTTPS
Next by thread: Re: undefined behavior spotted in the source code of gtar
Index(es):
- Date
- Thread