git
/
gcc
mirror of git://gcc.gnu.org/git/gcc.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

libiberty: Fix off-by-one when collecting range expression 

Fixes this error during build of fixincludes:

In function ‘byte_regex_compile’,
    inlined from ‘xregcomp’ at ../libiberty/../../libiberty/regex.c:7973:11:
../libiberty/../../libiberty/regex.c:3477:29: warning: writing 1 byte into a region of size 0 [-Wstringop-overflow=]
 3477 |                     str[c1] = '\0';
      |                             ^
../libiberty/../../libiberty/regex.c: In function ‘xregcomp’:
../libiberty/../../libiberty/regex.c:3454:35: note: at offset 128 into destination object ‘str’ of size 128
 3454 |                     unsigned char str[128];     /* Should be large enough.  */
      |                                   ^

	* regex.c (regex_compile): Don't write beyond array bounds when
	collecting range expression.
This commit is contained in:
Andreas Schwab 2025-05-07 09:46:19 +02:00
parent 90fee97d52
commit 43717ee906
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
libiberty/regex.c
View File

@ -3468,7 +3468,7 @@ PREFIX(regex_compile) (const char *ARG_PREFIX(pattern),
PATFETCH (c);
if ((c == '.' && *p == ']') || p == pend)
break;
if (c1 < sizeof (str))
if (c1 < sizeof (str) - 1)
str[c1++] = c;
else
/* This is in any case an invalid class name. */