~mcf/cproc

Bug report: division by zero in decl.c

Message-ID: <c7a795d2-c2d9-4049-a770-8854aa1e043a@gmail.com>

Hi,
there is a division by zero bug in decl.c:declarator at line 701.

	if (e->u.constant.u > ULLONG_MAX / base.type->size)
		error(&tok.loc, "array length is too large");

The bug is hidden when you compile with gcc because it replaces the 
division even when no optimization is enabled.

To reproduce the bug:

	$ make CC=clang
	$ ./cproc-qbe test/compatible-vla-types.c
	Floating point exception (core dumped)

The target is x86_64-linux-gnu and I cloned cproc from GitHub.

Hope it helps.
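The check quoted above divides `ULLONG_MAX` by the element size, so an element type whose size is 0 trips SIGFPE before any error is reported. The following is an added illustration, not cproc's code and not the upstream fix: it models the quoted check beside a guarded variant (the guard and the helper names are assumptions) and runs it over constructed inputs, including a zero element size standing in for the case that crashed `./cproc-qbe`.

```c
#include <limits.h>
#include <stdbool.h>
#include <stdio.h>

/* Models the check quoted from decl.c:declarator. `len` is the constant
 * array length, `size` the element type's size in bytes. With size == 0
 * the division itself faults, so the "too large" error is never reached. */
static bool length_too_large_unguarded(unsigned long long len,
                                       unsigned long long size)
{
	return len > ULLONG_MAX / size; /* size == 0 -> division by zero */
}

/* Guarded variant (an assumption about how to harden it, not the actual
 * commit): reject a zero element size before dividing, then perform the
 * same overflow test. Returns 0 if len * size fits in unsigned long long,
 * 1 if it would overflow, -1 if the element size is zero. */
static int check_array_length(unsigned long long len, unsigned long long size)
{
	if (size == 0)
		return -1;
	if (len > ULLONG_MAX / size)
		return 1;
	return 0;
}

int main(void)
{
	/* Constructed inputs: a 4-byte element type, a length that overflows
	 * with it, and a zero-sized element type (the crashing case). */
	struct { unsigned long long len, size; } cases[] = {
		{ 16, 4 }, { ULLONG_MAX / 2, 4 }, { 16, 0 },
	};
	for (size_t i = 0; i < sizeof cases / sizeof cases[0]; i++) {
		int r = check_array_length(cases[i].len, cases[i].size);
		printf("len=%llu size=%llu -> %s\n", cases[i].len, cases[i].size,
		       r == 0 ? "ok" :
		       r == 1 ? "array length is too large" :
		                "element size is zero");
	}
	return 0;
}
```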
Message-ID: <3OV8Y1RGTMLE2.2LXU3L05D9MDP@mforney.org>
In-Reply-To: <c7a795d2-c2d9-4049-a770-8854aa1e043a@gmail.com>
Sender timestamp: 1739198495

Davide Di Paolo <davide.dipaolo09@gmail.com> wrote:
> Hi,
> there is a division by zero bug in decl.c:declarator at line 701.
> 
> 	if (e->u.constant.u > ULLONG_MAX / base.type->size)
> 		error(&tok.loc, "array length is too large");
> 
> The bug is hidden when you compile with gcc because it replaces the 
> division even when no optimization is enabled.
> 
> To reproduce the bug:
> 
> 	$ make CC=clang
> 	$ ./cproc-qbe test/compatible-vla-types.c
> 	Floating point exception (core dumped)
> 
> The target is x86_64-linux-gnu and I cloned cproc from GitHub.
> 
> Hope it helps.

Hi Davide,

Thanks for reporting this issue. I fixed it in da58ac4dbe.