array bounds errors using GCC 11.2.0 #13

Open
wwortel opened this issue Jan 12, 2022 · 1 comment
wwortel commented Jan 12, 2022

Compiling misdnuser with gcc 11.2.0, two functions throw array subscript bound errors. Perhaps false positives, perhaps not:

  1.
    ```
    In file included from misc/mbuffer.c:21:
    misc/mbuffer.c: In function ‘alloc_mbuffer’:
    ../include/mISDN/mbuffer.h:161:14: error: array subscript ‘struct mbuffer[0]’ is partly outside array bounds of ‘struct mqueue[1]’ [-Werror=array-bounds]
    161 | next = prev->next;
    | ~~~~~~~^~~~~~~~~~~~
    misc/mbuffer.c:25:25: note: while referencing ‘free_queue_l2’
    25 | static struct mqueue free_queue_l2, free_queue_l3;
    ```
    By changing this function like this:
    ```c
    prev = (struct mbuffer *)q->prev;
    next = (struct mbuffer *)q->next;
    ```
    the error disappears, but I am not sure whether functionality is still correct. All the prev and next in both queue and buffer are rather confusing without an idea of how this is supposed to function.

  2.
    ```
    bridge.c: In function ‘ph_control’:
    bridge.c:160:9: error: array subscript 2 is outside array bounds of ‘unsigned char[16]’ [-Werror=array-bounds]
    160 | *d++ = c2;
    | ^~~~
    bridge.c:150:23: note: while referencing ‘data’
    150 | unsigned char data[MISDN_HEADER_LEN+sizeof(int)+sizeof(int)];
    ```
    By adding 8, like:
    ```c
    unsigned char data[MISDN_HEADER_LEN+sizeof(int)+sizeof(int)+8];
    ```
    the error disappears, but again I am not sure whether this is changing the intended behaviour.

wwortel commented Jan 13, 2022

Regarding misc/mbuffer.c, I have rewritten it after some study of the mbuffer and mqueue usage and the casting of the mqueue to mbuffer type. I think, but confirmation is needed, that the following code does the same but does not evoke the compiler array bound protest.

```c
static inline struct mbuffer *mdequeue(struct mqueue *q)
{
	struct mbuffer *next, *prev, *result;

	pthread_mutex_lock(&q->lock);
	prev = (struct mbuffer *)q;
	/* q->next points at the same as original code's prev->next after type cast */
	next = q->next;
	result = NULL;
	if (next != prev) {
		result = next;
		next = next->next;
		q->len--;
		next->prev = prev;
		/* q->next still points at the same as original code's prev->next */
		q->next = next;
		result->list = NULL;
	}
	pthread_mutex_unlock(&q->lock);
	return result;
}
```
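An added example, not part of the issue or the mISDNuser sources: a self-contained queue in the same head-as-sentinel style, where both tail insert and dequeue touch the head only through `struct mqueue`, so no access of type `struct mbuffer` is ever made to the head object, including when the queue becomes empty. The struct layouts, `MQ_HEAD`, `MQUEUE_INIT` and the `_sketch` function names are assumptions made for illustration.

```c
#include <pthread.h>
#include <stddef.h>

/* Assumed layouts: names from the issue, fields limited to what the code touches. */
struct mqueue {
	struct mbuffer *prev, *next;	/* both hold the head's own address when empty */
	pthread_mutex_t lock;
	int len;
};
struct mbuffer {
	struct mbuffer *prev, *next;
	struct mqueue *list;
};
/* Head address used as a sentinel value only; never dereferenced as an mbuffer. */
#define MQ_HEAD(q) ((struct mbuffer *)(void *)(q))
#define MQUEUE_INIT(q) { MQ_HEAD(&(q)), MQ_HEAD(&(q)), PTHREAD_MUTEX_INITIALIZER, 0 }

static void mqueue_tail_sketch(struct mqueue *q, struct mbuffer *mb)
{
	pthread_mutex_lock(&q->lock);
	mb->list = q;
	mb->next = MQ_HEAD(q);
	mb->prev = q->prev;
	if (q->prev == MQ_HEAD(q))
		q->next = mb;		/* empty: write the head through its own type */
	else
		q->prev->next = mb;
	q->prev = mb;
	q->len++;
	pthread_mutex_unlock(&q->lock);
}

static struct mbuffer *mdequeue_sketch(struct mqueue *q)
{
	struct mbuffer *result = NULL;
	pthread_mutex_lock(&q->lock);
	if (q->next != MQ_HEAD(q)) {
		result = q->next;
		q->next = result->next;
		if (result->next == MQ_HEAD(q))
			q->prev = MQ_HEAD(q);	/* last element removed */
		else
			result->next->prev = MQ_HEAD(q);
		q->len--;
		result->list = NULL;
	}
	pthread_mutex_unlock(&q->lock);
	return result;
}
```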
