From patchwork Fri Mar 11 07:12:36 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Siddhesh Poyarekar <siddhesh@gotplt.org>
X-Patchwork-Id: 51887
Return-Path: <gcc-patches-bounces+patchwork=sourceware.org@gcc.gnu.org>
X-Original-To: patchwork@sourceware.org
Delivered-To: patchwork@sourceware.org
Received: from server2.sourceware.org (localhost [IPv6:::1])
	by sourceware.org (Postfix) with ESMTP id 59E5A385E012
	for <patchwork@sourceware.org>; Fri, 11 Mar 2022 07:13:05 +0000 (GMT)
X-Original-To: gcc-patches@gcc.gnu.org
Delivered-To: gcc-patches@gcc.gnu.org
Received: from butterfly.birch.relay.mailchannels.net
 (butterfly.birch.relay.mailchannels.net [23.83.209.27])
 by sourceware.org (Postfix) with ESMTPS id 5CAD83857C41
 for <gcc-patches@gcc.gnu.org>; Fri, 11 Mar 2022 07:12:48 +0000 (GMT)
DMARC-Filter: OpenDMARC Filter v1.4.1 sourceware.org 5CAD83857C41
Authentication-Results: sourceware.org;
 dmarc=none (p=none dis=none) header.from=gotplt.org
Authentication-Results: sourceware.org; spf=pass smtp.mailfrom=gotplt.org
X-Sender-Id: dreamhost|x-authsender|siddhesh@gotplt.org
Received: from relay.mailchannels.net (localhost [127.0.0.1])
 by relay.mailchannels.net (Postfix) with ESMTP id AF7002A0EE3
 for <gcc-patches@gcc.gnu.org>; Fri, 11 Mar 2022 07:12:46 +0000 (UTC)
Received: from pdx1-sub0-mail-a305.dreamhost.com (unknown [127.0.0.6])
 (Authenticated sender: dreamhost)
 by relay.mailchannels.net (Postfix) with ESMTPA id 4D42C2A13AC
 for <gcc-patches@gcc.gnu.org>; Fri, 11 Mar 2022 07:12:46 +0000 (UTC)
ARC-Seal: i=1; s=arc-2022; d=mailchannels.net; t=1646982766; a=rsa-sha256;
 cv=none;
 b=Vc+qtqNCQmBRsbB5l+JFI2plMOF0wbD7DX76qfFkE3/VgFhOF+1qwDghhHZ0dQs5NHHGyW
 YkrD3pIIuOLebG4kJVQn2Sl6ayTFYRLsbnw19ouW5q8zQojEZ1ujPTXUtFgRGjeLnmcm1h
 YvCaHNrnH2rGxZmjoZmMQ0RUGdb+h4T8PWCn5LzmSYip11T+I1shvwU1PNoEEYZRsGcqaV
 TukpaCp14osn13bIo0BtPtJyNjgZiXEPFvINCzmAUkzpDlZvg8DQtg79WO5OJk0OjUZszE
 YbhFaxlp5n4sGyKr9bDYqktMoE9NkYwA/K5hrLAygxjkmr2R+FwgFCN32W1WvQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed;
 d=mailchannels.net; s=arc-2022; t=1646982766;
 h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
 to:to:cc:mime-version:mime-version:
 content-transfer-encoding:content-transfer-encoding:dkim-signature;
 bh=h6d26feKEIbd5U8tUYey3m6PpQo3ys2dLtxu7c1cF3o=;
 b=POrQQm9nbtKPrerw//A9ec6Bga2PfydhWKuOfHy+8cr/wnEA8fUSrRvNVnYLIdYxh1G3kP
 I7HI3jZFwHoaC7xVcYiukjqslxsuUUiDgdRWy5M5ozC6nDoY3+Aq7AXmUjbNpkKOuez4MC
 YSoO1uPC+lM32Tal4HB+YeKsZqqpVl75MgjzsWxx74OwY5YKZFpOZVgWpEdqeDrEcyG8Iz
 GDVaXSmjbGJ7UrrsOnFI57RSBoKiGj3Avn9K70l1k5oarlF3efQWXq6h0yFghd3KLFfvSq
 PJlpkqnnDZoy2F3C2LU9wVe6d4oa9OtGctniZhekJhbvqcfShfK7XKWPEHJqoA==
ARC-Authentication-Results: i=1; rspamd-56df6fd94d-lvm8t;
 auth=pass smtp.auth=dreamhost smtp.mailfrom=siddhesh@gotplt.org
X-Sender-Id: dreamhost|x-authsender|siddhesh@gotplt.org
Received: from pdx1-sub0-mail-a305.dreamhost.com (pop.dreamhost.com
 [64.90.62.162]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384)
 by 100.107.255.147 (trex/6.5.3); Fri, 11 Mar 2022 07:12:46 +0000
X-MC-Relay: Neutral
X-MailChannels-SenderId: dreamhost|x-authsender|siddhesh@gotplt.org
X-MailChannels-Auth-Id: dreamhost
X-Bitter-Spot: 0569bce378fb522e_1646982766556_3787954050
X-MC-Loop-Signature: 1646982766556:1537253155
X-MC-Ingress-Time: 1646982766555
Received: from rhbox.redhat.com (unknown [110.227.9.198])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest
 SHA256)
 (No client certificate requested)
 (Authenticated sender: siddhesh@gotplt.org)
 by pdx1-sub0-mail-a305.dreamhost.com (Postfix) with ESMTPSA id 4KFHFS6HXgz1V
 for <gcc-patches@gcc.gnu.org>; Thu, 10 Mar 2022 23:12:44 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gotplt.org;
 s=dreamhost; t=1646982766;
 bh=h6d26feKEIbd5U8tUYey3m6PpQo3ys2dLtxu7c1cF3o=;
 h=From:To:Subject:Date:Content-Transfer-Encoding;
 b=nBc7GCGiI8/etaPTGlL8CMgY4l+l0iqJSZj42DXl7rrLObmnWp95vXFb2+auCmQWB
 sllZOEqKxwwCdGV7Kg375BML2mP0Zi+Z/uHimBpfnub3wFrysOCvxe2MkVNaicTakt
 pMH4u0CqlIm4Q24JSSP+G9YV4tjYsSjmAIQ8Rj0ew1Kc2h16BYz98W0Lu+gZgxT2Bp
 uknaECjXp4kJjH6C4ynTL54LWTmbuIWghlhTEcvGKqJsls/towdskY5RtiMRRMmlO/
 rYqEMCp+FrVv8DqguQELPy+XTOy07KiqX42GmrAn4H+XA06LNnl9oqkDEZ/NqXM3rP
 2bWytZtX6Y6IQ==
From: Siddhesh Poyarekar <siddhesh@gotplt.org>
To: gcc-patches@gcc.gnu.org
Subject: [PATCH] middle-end/104854: Limit strncmp overread warnings
Date: Fri, 11 Mar 2022 12:42:36 +0530
Message-Id: <20220311071236.2349381-1-siddhesh@gotplt.org>
X-Mailer: git-send-email 2.35.1
MIME-Version: 1.0
X-Spam-Status: No, score=-3038.7 required=5.0 tests=BAYES_00, DKIM_SIGNED,
 DKIM_VALID, DKIM_VALID_AU, DKIM_VALID_EF, GIT_PATCH_0, RCVD_IN_DNSWL_NONE,
 RCVD_IN_MSPIKE_H4, RCVD_IN_MSPIKE_WL, SPF_HELO_NONE, SPF_PASS, TXREP,
 T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.4
X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on
 server2.sourceware.org
X-BeenThere: gcc-patches@gcc.gnu.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Gcc-patches mailing list <gcc-patches.gcc.gnu.org>
List-Unsubscribe: <https://gcc.gnu.org/mailman/options/gcc-patches>,
 <mailto:gcc-patches-request@gcc.gnu.org?subject=unsubscribe>
List-Archive: <https://gcc.gnu.org/pipermail/gcc-patches/>
List-Post: <mailto:gcc-patches@gcc.gnu.org>
List-Help: <mailto:gcc-patches-request@gcc.gnu.org?subject=help>
List-Subscribe: <https://gcc.gnu.org/mailman/listinfo/gcc-patches>,
 <mailto:gcc-patches-request@gcc.gnu.org?subject=subscribe>
Errors-To: gcc-patches-bounces+patchwork=sourceware.org@gcc.gnu.org
Sender: "Gcc-patches"
 <gcc-patches-bounces+patchwork=sourceware.org@gcc.gnu.org>

The size argument in strncmp only describe the maximum length to which
to compare two strings and is not an indication of sizes of the two
source strings.  Do not warn if it is larger than the two input strings
because it is entirely likely that the size argument is a conservative
maximum to accommodate inputs of different lengths and only a subset is
reachable through the current code path.

gcc/ChangeLog:

	middle-end/104854
	* gimple-ssa-warn-access.cc
	(pass_waccess::warn_zero_sized_strncmp_inputs): New function.
	(pass_waccess::check_strncmp): Use it.

gcc/testsuite/ChangeLog:

	middle-end/104854
	* gcc.dg/Wstringop-overread.c (test_strncmp_array): Don't expect
	failures for non-zero sizes.

Signed-off-by: Siddhesh Poyarekar <siddhesh@gotplt.org>
---

x86_64 bootstrap in progress.

 gcc/gimple-ssa-warn-access.cc             | 39 +++++++++++++----------
 gcc/testsuite/gcc.dg/Wstringop-overread.c |  2 +-
 2 files changed, 23 insertions(+), 18 deletions(-)

diff --git a/gcc/gimple-ssa-warn-access.cc b/gcc/gimple-ssa-warn-access.cc
index 75297ed7c9e..970f4b9b69f 100644
--- a/gcc/gimple-ssa-warn-access.cc
+++ b/gcc/gimple-ssa-warn-access.cc
@@ -2137,6 +2137,9 @@ private:
   /* Return true if use follows an invalidating statement.  */
   bool use_after_inval_p (gimple *, gimple *, bool = false);
 
+  /* Emit an overread warning for zero sized inputs to strncmp.  */
+  void warn_zero_sized_strncmp_inputs (gimple *, tree *, access_data *);
+
   /* A pointer_query object to store information about pointers and
      their targets in.  */
   pointer_query m_ptr_qry;
@@ -2619,8 +2622,20 @@ pass_waccess::check_stxncpy (gcall *stmt)
 		data.mode, &data, m_ptr_qry.rvals);
 }
 
-/* Check a call STMT to stpncpy() or strncpy() for overflow and warn
-   if it does.  */
+/* Warn for strncmp on a zero sized source or when an argument isn't
+   nul-terminated.  */
+void
+pass_waccess::warn_zero_sized_strncmp_inputs (gimple *stmt, tree *bndrng,
+					      access_data *pad)
+{
+  tree func = get_callee_fndecl (stmt);
+  location_t loc = gimple_location (stmt);
+  maybe_warn_for_bound (OPT_Wstringop_overread, loc, stmt, func, bndrng,
+			size_zero_node, pad);
+}
+
+/* Check a call STMT to strncmp () for overflow and warn if it does.  This is
+   limited to checking for NUL terminated arrays for now.  */
 
 void
 pass_waccess::check_strncmp (gcall *stmt)
@@ -2703,21 +2718,11 @@ pass_waccess::check_strncmp (gcall *stmt)
   else if (rem2 == 0 || (rem2 < rem1 && lendata2.decl))
     rem1 = rem2;
 
-  /* Point PAD at the array to reference in the note if a warning
-     is issued.  */
-  access_data *pad = len1 ? &adata2 : &adata1;
-  offset_int maxrem = wi::max (rem1, rem2, UNSIGNED);
-  if (lendata1.decl || lendata2.decl
-      || maxrem < wi::to_offset (bndrng[0]))
-    {
-      /* Warn when either argument isn't nul-terminated or the maximum
-	 remaining space in the two arrays is less than the bound.  */
-      tree func = get_callee_fndecl (stmt);
-      location_t loc = gimple_location (stmt);
-      maybe_warn_for_bound (OPT_Wstringop_overread, loc, stmt, func,
-			    bndrng, wide_int_to_tree (sizetype, maxrem),
-			    pad);
-    }
+  if (rem1 == 0)
+    warn_zero_sized_strncmp_inputs (stmt, bndrng, &adata1);
+  if (rem2 == 0)
+    warn_zero_sized_strncmp_inputs (stmt, bndrng, &adata2);
+
 }
 
 /* Determine and check the sizes of the source and the destination
diff --git a/gcc/testsuite/gcc.dg/Wstringop-overread.c b/gcc/testsuite/gcc.dg/Wstringop-overread.c
index 7db74029819..fb8e626439d 100644
--- a/gcc/testsuite/gcc.dg/Wstringop-overread.c
+++ b/gcc/testsuite/gcc.dg/Wstringop-overread.c
@@ -431,7 +431,7 @@ void test_strncmp_array (const char *s, int i)
 
   T (strncmp (a1, b1, 0));
   T (strncmp (a1, b1, 1));
-  T (strncmp (a1, b1, 2));      // { dg-warning "'strncmp' specified bound 2 exceeds source size 1" }
+  T (strncmp (a1, b1, 2));
 }