From patchwork Thu Feb 22 09:06:32 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Jakub Jelinek X-Patchwork-Id: 86208 Return-Path: X-Original-To: patchwork@sourceware.org Delivered-To: patchwork@sourceware.org Received: from server2.sourceware.org (localhost [IPv6:::1]) by sourceware.org (Postfix) with ESMTP id C9AC33858422 for ; Thu, 22 Feb 2024 09:07:20 +0000 (GMT) X-Original-To: gcc-patches@gcc.gnu.org Delivered-To: gcc-patches@gcc.gnu.org Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) by sourceware.org (Postfix) with ESMTPS id 53F5C3858D1E for ; Thu, 22 Feb 2024 09:06:40 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.4.2 sourceware.org 53F5C3858D1E Authentication-Results: sourceware.org; dmarc=pass (p=none dis=none) header.from=redhat.com Authentication-Results: sourceware.org; spf=pass smtp.mailfrom=redhat.com ARC-Filter: OpenARC Filter v1.0.0 sourceware.org 53F5C3858D1E Authentication-Results: server2.sourceware.org; arc=none smtp.remote-ip=170.10.133.124 ARC-Seal: i=1; a=rsa-sha256; d=sourceware.org; s=key; t=1708592810; cv=none; b=lZxExQV5KiOIiX6lwmxYug0HVJSLs+eY2fAVy954QMw6tuyfQOnD7RyzcUc/2td9m1OGEGiUq72mfFseGg7V/rXWYuOUuCVPttIpcpocQvHzfJjhnQtBeWwIdSKH4EO7IvtQ9XT4TNlqoxtquUUBqJ4M19lSuEkq5UCb0Fnj89s= ARC-Message-Signature: i=1; a=rsa-sha256; d=sourceware.org; s=key; t=1708592810; c=relaxed/simple; bh=pOAxD84jXKko4RMK7YDgoSZtUi/F1g81ix8sWnzI5iI=; h=DKIM-Signature:Date:From:To:Subject:Message-ID:MIME-Version; b=jV8VTCm+lmKTmqWaO+Sxajad4/kEKbdN8P3o9dXAlqfgab/LSFKD5Vm7oxprJHiutqTyMcUeIS0Ih2PWNoGg3XcHBu36FCY4f2eLw9LHFIod01B4Pj9k2lD5qifn2+nCW0yRqFEaBi9aXYRcTuRWy/4yvFJinhWoJu+FKoNXk98= ARC-Authentication-Results: i=1; server2.sourceware.org DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1708592799; h=from:from:reply-to:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type; bh=LIAn3/Ea5X0qlqMX0bTXfUuRv32gU07jw9b9yFjScyE=; b=SKNY2cVRSOBm/3yFIGU7yWMYGa2hOkU9liOIgoA7zAAy8PnI6gedEezUZ6s0URi4HRMsab ZR/L8V6j3aAiQmnpw2Fs4gIva/d1T/cSpTOi8fMKIlcpBBPl3GpGgLABvvA4GCjrYAts4o gcp6gLXSXjYGT4orEvkQLfVk00HIDeY= Received: from mimecast-mx02.redhat.com (mimecast-mx02.redhat.com [66.187.233.88]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-510-YAMKm9d4OjKLwpC0XfEcQg-1; Thu, 22 Feb 2024 04:06:36 -0500 X-MC-Unique: YAMKm9d4OjKLwpC0XfEcQg-1 Received: from smtp.corp.redhat.com (int-mx03.intmail.prod.int.rdu2.redhat.com [10.11.54.3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 194CD83B828; Thu, 22 Feb 2024 09:06:36 +0000 (UTC) Received: from tucnak.zalov.cz (unknown [10.39.192.8]) by smtp.corp.redhat.com (Postfix) with ESMTPS id D1D651121337; Thu, 22 Feb 2024 09:06:35 +0000 (UTC) Received: from tucnak.zalov.cz (localhost [127.0.0.1]) by tucnak.zalov.cz (8.17.1/8.17.1) with ESMTPS id 41M96XWQ2145888 (version=TLSv1.3 cipher=TLS_AES_256_GCM_SHA384 bits=256 verify=NOT); Thu, 22 Feb 2024 10:06:33 +0100 Received: (from jakub@localhost) by tucnak.zalov.cz (8.17.1/8.17.1/Submit) id 41M96WZa2145887; Thu, 22 Feb 2024 10:06:32 +0100 Date: Thu, 22 Feb 2024 10:06:32 +0100 From: Jakub Jelinek To: Jan Hubicka Cc: gcc-patches@gcc.gnu.org Subject: [PATCH] profile-count: Don't dump through a temporary buffer [PR111960] Message-ID: MIME-Version: 1.0 X-Scanned-By: MIMEDefang 3.4.1 on 10.11.54.3 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Disposition: inline X-Spam-Status: No, score=-3.4 required=5.0 tests=BAYES_00, DKIMWL_WL_HIGH, DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, DKIM_VALID_EF, RCVD_IN_DNSWL_NONE, RCVD_IN_MSPIKE_H4, RCVD_IN_MSPIKE_WL, SPF_HELO_NONE, SPF_NONE, TXREP, T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on server2.sourceware.org X-BeenThere: gcc-patches@gcc.gnu.org X-Mailman-Version: 2.1.30 Precedence: list List-Id: Gcc-patches mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: Jakub Jelinek Errors-To: gcc-patches-bounces+patchwork=sourceware.org@gcc.gnu.org Hi! The profile_count::dump (char *, struct function * = NULL) const; method has a single caller, the profile_count::dump (FILE *f, struct function *fun) const; method and for that going through a temporary buffer is just slower and opens doors for buffer overflows, which is exactly why this P1 was filed. The buffer size is 64 bytes, the previous maximum "%" PRId64 " (%s)" would print up to 61 bytes in there (19 bytes for arbitrary uint64_t:61 bitfield printed as signed, "estimated locally, globally 0 adjusted" i.e. 38 bytes longest %s and 4 other characters). Now, after the r14-2389 changes, it can be 19 + 38 plus 11 other characters + %.4f, which is worst case 309 chars before decimal point, decimal point and 4 digits after it, so total 382 bytes. So, either we could bump the buffer[64] to buffer[400], or the following patch just drops the indirection through buffer and prints it directly to stream. After all, having APIs which fill in some buffer without passing down the size of the buffer is just asking for buffer overflows over time. Bootstrapped/regtested on x86_64-linux and i686-linux, ok for trunk? Or do you want buffer[400]; instead? Or buffer[128]; and somehow prevent arbitrarily long doubles? Or add size_t next to char * arguments and use snprintf? Though, truncated messages would look ugly. 2024-02-22 Jakub Jelinek PR ipa/111960 * profile-count.h (profile_count::dump): Remove overload with char * first argument. * profile-count.cc (profile_count::dump): Change overload with char * first argument which uses sprintf into the overfload with FILE * first argument and use fprintf instead. Remove overload which wrapped it. Jakub --- gcc/profile-count.h.jj 2024-01-03 11:51:30.309748150 +0100 +++ gcc/profile-count.h 2024-02-21 21:04:22.338905728 +0100 @@ -1299,9 +1299,6 @@ public: /* Output THIS to F. */ void dump (FILE *f, struct function *fun = NULL) const; - /* Output THIS to BUFFER. */ - void dump (char *buffer, struct function *fun = NULL) const; - /* Print THIS to stderr. */ void debug () const; --- gcc/profile-count.cc.jj 2024-01-03 11:51:40.782602796 +0100 +++ gcc/profile-count.cc 2024-02-21 21:05:28.521994913 +0100 @@ -84,34 +84,24 @@ const char *profile_quality_display_name "precise" }; -/* Dump THIS to BUFFER. */ +/* Dump THIS to F. */ void -profile_count::dump (char *buffer, struct function *fun) const +profile_count::dump (FILE *f, struct function *fun) const { if (!initialized_p ()) - sprintf (buffer, "uninitialized"); + fprintf (f, "uninitialized"); else if (fun && initialized_p () && fun->cfg && ENTRY_BLOCK_PTR_FOR_FN (fun)->count.initialized_p ()) - sprintf (buffer, "%" PRId64 " (%s, freq %.4f)", m_val, + fprintf (f, "%" PRId64 " (%s, freq %.4f)", m_val, profile_quality_display_names[m_quality], to_sreal_scale (ENTRY_BLOCK_PTR_FOR_FN (fun)->count).to_double ()); else - sprintf (buffer, "%" PRId64 " (%s)", m_val, + fprintf (f, "%" PRId64 " (%s)", m_val, profile_quality_display_names[m_quality]); } -/* Dump THIS to F. */ - -void -profile_count::dump (FILE *f, struct function *fun) const -{ - char buffer[64]; - dump (buffer, fun); - fputs (buffer, f); -} - /* Dump THIS to stderr. */ void