[Ada] Prevent overflow in computation of aggregate size

Message ID 20220518084306.GA3307280@adacore.com
State Committed
Commit 16b8ba101f770503f363c095d7be5c055705b84b
Series [Ada] Prevent overflow in computation of aggregate size

Commit Message

Pierre-Marie de Rodat May 18, 2022, 8:43 a.m. UTC
When computing the size of a static aggregate to decide whether it should be
transformed into assignments and loops, we could have an overflow check.
This is mostly harmless, because colossal aggregates will likely crash
the application anyway, no matter how we transform them.

This was not detected because the compiler was built with the -gnatg switch,
which suppresses overflow checks (they are only enabled by an explicit -gnato
switch).

Tested on x86_64-pc-linux-gnu, committed on trunk

gcc/ada/

	* exp_aggr.adb (Component_Count): Calculate size as an Uint and
	only then check if it is in the range of Int, as otherwise the
	multiplication of Int values can overflow.
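
The following stand-alone Ada program is an added illustration of the overflow described above; it is not code from the GCC patch or from exp_aggr.adb. It uses a hypothetical 32-bit `Int` in place of GNAT's Int and a 64-bit `Wide` in place of Uint (64 bits hold any product of two 32-bit values exactly, which is all the demo needs), and the procedure names `Count_Before` and `Count_After` are likewise made up for this example. `Count_Before` mirrors the old shape (range-check the length, then multiply in Int), `Count_After` the new one (multiply first, then range-check):

```ada
with Ada.Text_IO; use Ada.Text_IO;

procedure Aggregate_Size_Demo is

   --  Hypothetical stand-ins for GNAT's Int (32-bit) and Uint (arbitrary
   --  precision). Wide is 64-bit, which holds any product of two Int
   --  values exactly, so it is wide enough for this demonstration.
   type Int  is range -2**31 .. 2**31 - 1;
   type Wide is range -2**63 .. 2**63 - 1;

   --  Shape of the code before the patch: the range length is checked
   --  against Int, and only then multiplied by Siz in Int arithmetic.
   --  With overflow checks enabled (-gnato) the product raises
   --  Constraint_Error; with checks suppressed (-gnatp) it silently
   --  wraps, here to 0, so a colossal aggregate looks tiny.
   function Count_Before (Lo, Hi, Siz : Int) return Int is
      Len : constant Wide := Wide (Hi) - Wide (Lo) + 1;
   begin
      if Len in Wide (Int'First) .. Wide (Int'Last) then
         return Siz * Int (Len);   --  may overflow Int
      else
         return Int'Last;          --  saturate: too big to expand
      end if;
   end Count_Before;

   --  Shape of the code after the patch: the product is formed in the
   --  wide type first and only the final value is range-checked, so the
   --  saturation to Int'Last also covers products that do not fit.
   function Count_After (Lo, Hi, Siz : Int) return Int is
      Prod : constant Wide := (Wide (Hi) - Wide (Lo) + 1) * Wide (Siz);
   begin
      if Prod in Wide (Int'First) .. Wide (Int'Last) then
         return Int (Prod);
      else
         return Int'Last;
      end if;
   end Count_After;

begin
   --  Constructed input: a range of 2**20 components whose element size
   --  is 4096. The length 1_048_576 fits in Int, but the product 2**32
   --  does not.
   Put_Line ("after:  " & Int'Image (Count_After (1, 2**20, 4096)));

   begin
      Put_Line ("before: " & Int'Image (Count_Before (1, 2**20, 4096)));
   exception
      when Constraint_Error =>
         Put_Line ("before: Constraint_Error (overflow in Siz * length)");
   end;
end Aggregate_Size_Demo;
```

Build with `gnatmake -gnato aggregate_size_demo.adb` to see the Constraint_Error in the "before" path, and with `-gnatp` instead to see it wrap to 0; the "after" path returns Int'Last in both builds.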

Patch

diff --git a/gcc/ada/exp_aggr.adb b/gcc/ada/exp_aggr.adb
--- a/gcc/ada/exp_aggr.adb
+++ b/gcc/ada/exp_aggr.adb
@@ -661,10 +661,10 @@  package body Exp_Aggr is
 
                   declare
                      UI : constant Uint :=
-                            Expr_Value (Hi) - Expr_Value (Lo) + 1;
+                            (Expr_Value (Hi) - Expr_Value (Lo) + 1) * Siz;
                   begin
                      if UI_Is_In_Int_Range (UI) then
-                        return Siz * UI_To_Int (UI);
+                        return UI_To_Int (UI);
                      else
                         return Int'Last;
                      end if;
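Review bot: the saturation in the `else` branch now covers the product, but a null range such as 5 .. 1 still yields Expr_Value (Hi) - Expr_Value (Lo) + 1 = -3, and -3 * Siz is inside the Int range, so a negative count is returned instead of 0 (pre-existing, but this is the place to clamp non-positive UI to 0 before the range check). Two smaller points: UI now holds length times Siz rather than a length, so a one-line comment on the declaration saying that, and that Int'Last means "too large to expand", would keep the intent readable; and since Siz is not visible in this hunk, if it can itself be a saturated Int'Last from a nested count, a zero-length range multiplies it back to 0 and the saturation is lost, which is worth a note or a guard.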