From 7f62b768876fc8b0779d10ae3fcba1fc7aeaba04 Mon Sep 17 00:00:00 2001 From: "jan.nijtmans" Date: Fri, 11 Sep 2020 12:31:48 +0000 Subject: Fix [https://core.tcl-lang.org/tk/tktview?name=3bc0f44ef3|3bc0f44ef3]: UBSan complains about body.chars[] usage. (Yes, I know, this one is for Tk, but Tcl was using the same construct too ....) --- generic/tclBinary.c | 10 ++++----- generic/tclCompile.h | 6 +++--- generic/tclEncoding.c | 2 +- generic/tclIO.h | 2 +- generic/tclInt.h | 10 +++++++-- generic/tclObj.c | 56 +++++++++++++++++++++++++------------------------- generic/tclProc.c | 10 ++++----- generic/tclStringRep.h | 2 +- 8 files changed, 52 insertions(+), 46 deletions(-) diff --git a/generic/tclBinary.c b/generic/tclBinary.c index f66aff7..78cdd42 100644 --- a/generic/tclBinary.c +++ b/generic/tclBinary.c @@ -199,7 +199,7 @@ typedef struct ByteArray { * array. */ int allocated; /* The amount of space actually allocated * minus 1 byte. */ - unsigned char bytes[1]; /* The array of bytes. The actual size of this + unsigned char bytes[TCLFLEXARRAY]; /* The array of bytes. The actual size of this * field depends on the 'allocated' field * above. */ } ByteArray; @@ -334,7 +334,7 @@ Tcl_SetByteArrayObj( if (length < 0) { length = 0; } - byteArrayPtr = ckalloc(BYTEARRAY_SIZE(length)); + byteArrayPtr = (ByteArray *)ckalloc(BYTEARRAY_SIZE(length)); byteArrayPtr->used = length; byteArrayPtr->allocated = length; @@ -460,7 +460,7 @@ SetByteArrayFromAny( src = TclGetStringFromObj(objPtr, &length); srcEnd = src + length; - byteArrayPtr = ckalloc(BYTEARRAY_SIZE(length)); + byteArrayPtr = (ByteArray *)ckalloc(BYTEARRAY_SIZE(length)); for (dst = byteArrayPtr->bytes; src < srcEnd; ) { src += TclUtfToUniChar(src, &ch); *dst++ = UCHAR(ch); 
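Review bot: In the `ByteArray` hunk of generic/tclBinary.c, replacing `bytes[1]` with `bytes[TCLFLEXARRAY]` shrinks `sizeof(ByteArray)` by the array element (plus any padding) wherever the macro is 0, so an allocation sized as `sizeof(struct) + (n - 1) * elem` or `sizeof(struct) - sizeof(elem) + ...` becomes one element short and later writes run past the heap block. `BYTEARRAY_SIZE` is defined outside this hunk; confirm it is built on `TclOffset(ByteArray, bytes)` rather than on `sizeof(ByteArray)`. The same check applies to the other structs converted in this patch whose allocation sites are not part of it: `ForeachVarList`, `ForeachInfo` and the `varIndices` struct in tclCompile.h, `subTables` in tclEncoding.c, `ChannelBuffer` in tclIO.h and `String` in tclStringRep.h. Only `ContLineLoc`, `CompiledLocal` and `LocalCache` are visibly sized from `TclOffset(...)` in this diff.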
@@ -529,7 +529,7 @@ DupByteArrayInternalRep( srcArrayPtr = GET_BYTEARRAY(srcPtr); length = srcArrayPtr->used; - copyArrayPtr = ckalloc(BYTEARRAY_SIZE(length)); + copyArrayPtr = (ByteArray *)ckalloc(BYTEARRAY_SIZE(length)); copyArrayPtr->used = length; copyArrayPtr->allocated = length; memcpy(copyArrayPtr->bytes, srcArrayPtr->bytes, length); @@ -588,7 +588,7 @@ UpdateStringOfByteArray( Tcl_Panic("max size for a Tcl value (%d bytes) exceeded", INT_MAX); } - dst = ckalloc(size + 1); + dst = (char *)ckalloc(size + 1); objPtr->bytes = dst; objPtr->length = size; diff --git a/generic/tclCompile.h b/generic/tclCompile.h index 1d657a7..03b4a90 100644 --- a/generic/tclCompile.h +++ b/generic/tclCompile.h @@ -966,7 +966,7 @@ typedef struct JumpFixupArray { typedef struct ForeachVarList { int numVars; /* The number of variables in the list. */ - int varIndexes[1]; /* An array of the indexes ("slot numbers") + int varIndexes[TCLFLEXARRAY];/* An array of the indexes ("slot numbers") * for each variable in the procedure's array * of local variables. Only scalar variables * are supported. The actual size of this @@ -990,7 +990,7 @@ typedef struct ForeachInfo { * the loop's iteration count. Used to * determine next value list element to assign * each loop var. */ - ForeachVarList *varLists[1];/* An array of pointers to ForeachVarList + ForeachVarList *varLists[TCLFLEXARRAY];/* An array of pointers to ForeachVarList * structures describing each var list. The * actual size of this field will be large * enough to numVars indexes. THIS MUST BE THE @@ -1021,7 +1021,7 @@ MODULE_SCOPE const AuxDataType tclJumptableInfoType; typedef struct { int length; /* Size of array */ - int varIndices[1]; /* Array of variable indices to manage when + int varIndices[TCLFLEXARRAY]; /* Array of variable indices to manage when * processing the start and end of a [dict * update]. There is really more than one * entry, and the structure is allocated to 
diff --git a/generic/tclEncoding.c b/generic/tclEncoding.c index 6377ad8..557f241 100644 --- a/generic/tclEncoding.c +++ b/generic/tclEncoding.c @@ -116,7 +116,7 @@ typedef struct { * entry in this array is 1, otherwise it is * 0. */ int numSubTables; /* Length of following array. */ - EscapeSubTable subTables[1];/* Information about each EscapeSubTable used + EscapeSubTable subTables[TCLFLEXARRAY];/* Information about each EscapeSubTable used * by this encoding type. The actual size is * as large as necessary to hold all * EscapeSubTables. */ diff --git a/generic/tclIO.h b/generic/tclIO.h index ffbfa31..eccc7a9 100644 --- a/generic/tclIO.h +++ b/generic/tclIO.h @@ -44,7 +44,7 @@ typedef struct ChannelBuffer { int bufLength; /* How big is the buffer? */ struct ChannelBuffer *nextPtr; /* Next buffer in chain. */ - char buf[1]; /* Placeholder for real buffer. The real + char buf[TCLFLEXARRAY]; /* Placeholder for real buffer. The real * buffer occuppies this space + bufSize-1 * bytes. This must be the last field in the * structure. */ diff --git a/generic/tclInt.h b/generic/tclInt.h index 317ae1f..e145925 100644 --- a/generic/tclInt.h +++ b/generic/tclInt.h @@ -877,6 +877,12 @@ typedef struct VarInHash { *---------------------------------------------------------------- */ +#if defined(__GNUC__) && (__GNUC__ > 2) +# define TCLFLEXARRAY 0 +#else +# define TCLFLEXARRAY 1 +#endif + /* * Forward declaration to prevent an error when the forward reference to * Command is encountered in the Proc and ImportRef types declared below. @@ -920,7 +926,7 @@ typedef struct CompiledLocal { * is marked by a unique ClientData tag during * compilation, and that same tag is used to * find the variable at runtime. */ - char name[1]; /* Name of the local variable starts here. If + char name[TCLFLEXARRAY]; /* Name of the local variable starts here. If * the name is NULL, this will just be '\0'. * The actual size of this field will be large * enough to hold the name. MUST BE THE LAST 
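Review bot: The new `TCLFLEXARRAY` definition in generic/tclInt.h carries no comment, although its value changes `sizeof` for every struct that uses it depending on the compiler. A zero-length array is a GNU extension rather than the C99 flexible array member (`field[]`), which is presumably why the 0 case is gated on `__GNUC__`; that rationale should be written down next to the macro. I would add above the `#if`: `/* Length of a trailing variable-size array: 0 where zero-length arrays are accepted, 1 otherwise. Size allocations with TclOffset(type, field), never sizeof(type). */`.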
@@ -1254,7 +1260,7 @@ typedef struct CFWordBC { typedef struct ContLineLoc { int num; /* Number of entries in loc, not counting the * final -1 marker entry. */ - int loc[1]; /* Table of locations, as character offsets. + int loc[TCLFLEXARRAY];/* Table of locations, as character offsets. * The table is allocated as part of the * structure, extending behind the nominal end * of the structure. An entry containing the diff --git a/generic/tclObj.c b/generic/tclObj.c index 28fb3da..a2544ad 100644 --- a/generic/tclObj.c +++ b/generic/tclObj.c @@ -145,12 +145,12 @@ typedef struct PendingObjData { #define ObjDeletionUnlock(contextPtr) ((contextPtr)->deletionCount--) #define ObjDeletePending(contextPtr) ((contextPtr)->deletionCount > 0) #define ObjOnStack(contextPtr) ((contextPtr)->deletionStack != NULL) -#define PushObjToDelete(contextPtr,objPtr) \ +#define PushObjToDelete(contextPtr,objPtr) \ /* The string rep is already invalidated so we can use the bytes value \ * for our pointer chain: push onto the head of the stack. */ \ (objPtr)->bytes = (char *) ((contextPtr)->deletionStack); \ (contextPtr)->deletionStack = (objPtr) -#define PopObjToDelete(contextPtr,objPtrVar) \ +#define PopObjToDelete(contextPtr,objPtrVar) \ (objPtrVar) = (contextPtr)->deletionStack; \ (contextPtr)->deletionStack = (Tcl_Obj *) (objPtrVar)->bytes @@ -168,7 +168,7 @@ static __thread PendingObjData pendingObjData; #else static Tcl_ThreadDataKey pendingObjDataKey; #define ObjInitDeletionContext(contextPtr) \ - PendingObjData *const contextPtr = \ + PendingObjData *const contextPtr = \ Tcl_GetThreadData(&pendingObjDataKey, sizeof(PendingObjData)) #endif 
@@ -177,27 +177,27 @@ static Tcl_ThreadDataKey pendingObjDataKey; */ #define PACK_BIGNUM(bignum, objPtr) \ - if ((bignum).used > 0x7FFF) { \ - mp_int *temp = (void *) ckalloc((unsigned) sizeof(mp_int)); \ + if ((bignum).used > 0x7FFF) { \ + mp_int *temp = (mp_int *)ckalloc(sizeof(mp_int)); \ *temp = bignum; \ - (objPtr)->internalRep.twoPtrValue.ptr1 = temp; \ - (objPtr)->internalRep.twoPtrValue.ptr2 = INT2PTR(-1); \ - } else { \ + (objPtr)->internalRep.twoPtrValue.ptr1 = temp; \ + (objPtr)->internalRep.twoPtrValue.ptr2 = INT2PTR(-1); \ + } else { \ if ((bignum).alloc > 0x7FFF) { \ mp_shrink(&(bignum)); \ } \ - (objPtr)->internalRep.twoPtrValue.ptr1 = (void *) (bignum).dp; \ - (objPtr)->internalRep.twoPtrValue.ptr2 = INT2PTR( ((bignum).sign << 30) \ - | ((bignum).alloc << 15) | ((bignum).used)); \ + (objPtr)->internalRep.twoPtrValue.ptr1 = (void *)(bignum).dp; \ + (objPtr)->internalRep.twoPtrValue.ptr2 = INT2PTR(((bignum).sign << 30) \ + | ((bignum).alloc << 15) | ((bignum).used)); \ } #define UNPACK_BIGNUM(objPtr, bignum) \ - if ((objPtr)->internalRep.twoPtrValue.ptr2 == INT2PTR(-1)) { \ - (bignum) = *((mp_int *) ((objPtr)->internalRep.twoPtrValue.ptr1)); \ + if ((objPtr)->internalRep.twoPtrValue.ptr2 == INT2PTR(-1)) { \ + (bignum) = *((mp_int *) ((objPtr)->internalRep.twoPtrValue.ptr1)); \ } else { \ - (bignum).dp = (objPtr)->internalRep.twoPtrValue.ptr1; \ + (bignum).dp = (objPtr)->internalRep.twoPtrValue.ptr1; \ (bignum).sign = PTR2INT((objPtr)->internalRep.twoPtrValue.ptr2) >> 30; \ - (bignum).alloc = \ + (bignum).alloc = \ (PTR2INT((objPtr)->internalRep.twoPtrValue.ptr2) >> 15) & 0x7FFF; \ (bignum).used = PTR2INT((objPtr)->internalRep.twoPtrValue.ptr2) & 0x7FFF; \ } 
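Review bot: `PACK_BIGNUM` and `UNPACK_BIGNUM` remain bare `if … else` statements after this re-indent, so neither can be used as the body of an unbraced `if … else`: the caller's trailing `;` orphans the caller's `else`. Wrapping each body in `do { … } while (0)` removes that restriction without touching call sites that already end in a semicolon. In the first branch `*temp = bignum;` uses the argument unparenthesized, unlike every other use in the macro; `*temp = (bignum);` would be consistent. The packed form also relies on `alloc` fitting in 15 bits after `mp_shrink`, whose return value is ignored here, so a comment stating that assumption would help.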
@@ -541,7 +541,7 @@ TclGetContLineTable(void) ThreadSpecificData *tsdPtr = TCL_TSD_INIT(&dataKey); if (!tsdPtr->lineCLPtr) { - tsdPtr->lineCLPtr = ckalloc(sizeof(Tcl_HashTable)); + tsdPtr->lineCLPtr = (Tcl_HashTable *)ckalloc(sizeof(Tcl_HashTable)); Tcl_InitHashTable(tsdPtr->lineCLPtr, TCL_ONE_WORD_KEYS); Tcl_CreateThreadExitHandler(TclThreadFinalizeContLines,NULL); } @@ -576,7 +576,7 @@ TclContinuationsEnter( ThreadSpecificData *tsdPtr = TclGetContLineTable(); Tcl_HashEntry *hPtr = Tcl_CreateHashEntry(tsdPtr->lineCLPtr, objPtr, &newEntry); - ContLineLoc *clLocPtr = ckalloc(sizeof(ContLineLoc) + num*sizeof(int)); + ContLineLoc *clLocPtr = (ContLineLoc *)ckalloc(TclOffset(ContLineLoc, loc) + (num + 1) *sizeof(int)); if (!newEntry) { /* @@ -1079,7 +1079,7 @@ TclDbInitNewObj( ThreadSpecificData *tsdPtr = TCL_TSD_INIT(&dataKey); if (tsdPtr->objThreadMap == NULL) { - tsdPtr->objThreadMap = ckalloc(sizeof(Tcl_HashTable)); + tsdPtr->objThreadMap = (Tcl_HashTable *)ckalloc(sizeof(Tcl_HashTable)); Tcl_InitHashTable(tsdPtr->objThreadMap, TCL_ONE_WORD_KEYS); } tablePtr = tsdPtr->objThreadMap; @@ -1092,7 +1092,7 @@ TclDbInitNewObj( * Record the debugging information. */ - objData = ckalloc(sizeof(ObjData)); + objData = (ObjData *)ckalloc(sizeof(ObjData)); objData->objPtr = objPtr; objData->file = file; objData->line = line; @@ -1251,7 +1251,7 @@ TclAllocateFreeObjects(void) * Purify apparently can't figure that out, and fires a false alarm. */ - basePtr = ckalloc(bytesToAlloc); + basePtr = (char *)ckalloc(bytesToAlloc); prevPtr = NULL; objPtr = (Tcl_Obj *) basePtr; @@ -2373,7 +2373,7 @@ UpdateStringOfDouble( Tcl_PrintDouble(NULL, objPtr->internalRep.doubleValue, buffer); len = strlen(buffer); - objPtr->bytes = ckalloc(len + 1); + objPtr->bytes = (char *)ckalloc(len + 1); memcpy(objPtr->bytes, buffer, (unsigned) len + 1); objPtr->length = len; } 
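Review bot: In the `TclContinuationsEnter` hunk the `+ 1` in `TclOffset(ContLineLoc, loc) + (num + 1) *sizeof(int)` is unexplained; the old code got that extra slot implicitly from `loc[1]`, and the struct comment in tclInt.h suggests it holds the final -1 marker. A short comment such as `/* num entries plus the terminating -1 marker */` would keep a later edit from dropping it and under-allocating. The line also runs well past 80 columns and lacks a space in `*sizeof`; breaking it after the first `+` fixes both. `num` is declared outside the hunk, so whether it can be negative or large enough to wrap the size computation cannot be checked from here.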
@@ -2573,7 +2573,7 @@ UpdateStringOfInt( len = TclFormatInt(buffer, objPtr->internalRep.longValue); - objPtr->bytes = ckalloc(len + 1); + objPtr->bytes = (char *)ckalloc(len + 1); memcpy(objPtr->bytes, buffer, (unsigned) len + 1); objPtr->length = len; } @@ -2877,7 +2877,7 @@ UpdateStringOfWideInt( sprintf(buffer, "%" TCL_LL_MODIFIER "d", wideVal); len = strlen(buffer); - objPtr->bytes = ckalloc(len + 1); + objPtr->bytes = (char *)ckalloc(len + 1); memcpy(objPtr->bytes, buffer, len + 1); objPtr->length = len; } @@ -3269,7 +3269,7 @@ UpdateStringOfBignum( Tcl_Panic("UpdateStringOfBignum: string length limit exceeded"); } - stringVal = ckalloc(size); + stringVal = (char *)ckalloc(size); status = mp_to_radix(&bignumVal, stringVal, size, NULL, 10); if (status != MP_OKAY) { Tcl_Panic("conversion failure in UpdateStringOfBignum"); @@ -3942,8 +3942,8 @@ AllocObjEntry( Tcl_HashTable *tablePtr, /* Hash table. */ void *keyPtr) /* Key to store in the hash table entry. */ { - Tcl_Obj *objPtr = keyPtr; - Tcl_HashEntry *hPtr = ckalloc(sizeof(Tcl_HashEntry)); + Tcl_Obj *objPtr = (Tcl_Obj *)keyPtr; + Tcl_HashEntry *hPtr = (Tcl_HashEntry *)ckalloc(sizeof(Tcl_HashEntry)); hPtr->key.objPtr = objPtr; Tcl_IncrRefCount(objPtr); @@ -4236,7 +4236,7 @@ TclSetCmdNameObj( } cmdPtr->refCount++; - resPtr = ckalloc(sizeof(ResolvedCmdName)); + resPtr = (ResolvedCmdName *)ckalloc(sizeof(ResolvedCmdName)); resPtr->cmdPtr = cmdPtr; resPtr->cmdEpoch = cmdPtr->cmdEpoch; resPtr->refCount = 1; @@ -4422,7 +4422,7 @@ SetCmdNameFromAny( } } else { TclFreeIntRep(objPtr); - resPtr = ckalloc(sizeof(ResolvedCmdName)); + resPtr = (ResolvedCmdName *)ckalloc(sizeof(ResolvedCmdName)); resPtr->refCount = 1; objPtr->internalRep.twoPtrValue.ptr1 = resPtr; objPtr->internalRep.twoPtrValue.ptr2 = NULL; diff --git a/generic/tclProc.c b/generic/tclProc.c index 4600382..a9134f2 100644 --- a/generic/tclProc.c +++ b/generic/tclProc.c 
@@ -600,7 +600,7 @@ TclCreateProc( */ localPtr = (CompiledLocal *)ckalloc( - TclOffset(CompiledLocal, name) + fieldValues[0]->length +1); + TclOffset(CompiledLocal, name) + fieldValues[0]->length + 1); if (procPtr->firstLocalPtr == NULL) { procPtr->firstLocalPtr = procPtr->lastLocalPtr = localPtr; } else { @@ -1305,8 +1305,8 @@ InitLocalCache( * for future calls. */ - localCachePtr = ckalloc(sizeof(LocalCache) - + (localCt - 1) * sizeof(Tcl_Obj *) + localCachePtr = (LocalCache *)ckalloc(TclOffset(LocalCache, varName0) + + localCt * sizeof(Tcl_Obj *) + numArgs * sizeof(Var)); namePtr = &localCachePtr->varName0; @@ -2499,12 +2499,12 @@ SetLambdaFromAny( * location (line of 2nd list element). */ - cfPtr = ckalloc(sizeof(CmdFrame)); + cfPtr = (CmdFrame *)ckalloc(sizeof(CmdFrame)); TclListLines(objPtr, contextPtr->line[1], 2, buf, NULL); cfPtr->level = -1; cfPtr->type = contextPtr->type; - cfPtr->line = ckalloc(sizeof(int)); + cfPtr->line = (int *)ckalloc(sizeof(int)); cfPtr->line[0] = buf[1]; cfPtr->nline = 1; cfPtr->framePtr = NULL; diff --git a/generic/tclStringRep.h b/generic/tclStringRep.h index 6d179ba..25b854e 100644 --- a/generic/tclStringRep.h +++ b/generic/tclStringRep.h @@ -59,7 +59,7 @@ typedef struct String { * space allocated for the unicode array. */ int hasUnicode; /* Boolean determining whether the string has * a Unicode representation. */ - Tcl_UniChar unicode[1]; /* The array of Unicode chars. The actual size + Tcl_UniChar unicode[TCLFLEXARRAY]; /* The array of Unicode chars. The actual size * of this field depends on the 'maxChars' * field above. */ } String; -- cgit v0.12
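Review bot: In the `InitLocalCache` hunk the block is now sized from `TclOffset(LocalCache, varName0)`, but the following line still takes `&localCachePtr->varName0` as the start of the name array. The declaration of `varName0` is not in this diff; if it remains a single `Tcl_Obj *` member, indexing past it is the same beyond-the-declared-bound access this commit removes elsewhere, and for `localCt == 0` the block is smaller than `sizeof(LocalCache)`. A comment stating the layout, e.g. `/* header, then localCt name pointers, then numArgs Var slots */`, would make the size expression checkable. The function body starts and ends outside the hunk.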