mirror/gcc
2
0
Fork 0
mirror of git://gcc.gnu.org/git/gcc.git synced 2025-04-21 04:50:24 +08:00
Code Issues Packages Projects Releases Wiki Activity

[Ada] Avoid buffer overflow in Long_Long_Float_Text_IO

Browse Source 
2020-06-04  Steve Baird  <baird@adacore.com>

gcc/ada/

	* libgnat/s-imgrea.ads: Declare a named number
	Max_Real_Image_Length with value 5200.  Provide a comment
	explaining why this value was chosen.
	* libgnat/s-imgrea.adb (Set_Image_Real): Increase the upper
	bound of the local String variable Digs to
	Max_Real_Image_Length.
	* libgnat/a-tiflau.adb (Put): Increase the upper bound of the
	local String variable Buf to Max_Real_Image_Length.
	(Puts): Increase the upper bound of the local String variable
	Buf to Max_Real_Image_Length.
This commit is contained in:
Steve Baird 2020-01-17 22:10:13 -08:00 committed by Pierre-Marie de Rodat
parent b68c1670b7
commit b5682bf40c
3 changed files with 10 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
gcc/ada/libgnat/a-tiflau.adb
View File

@ -194,7 +194,7 @@ package body Ada.Text_IO.Float_Aux is
Aft : Field;
Exp : Field)
is
Buf : String (1 .. 3 * Field'Last + 2);
Buf : String (1 .. Max_Real_Image_Length);
Ptr : Natural := 0;
begin
@ -212,7 +212,7 @@ package body Ada.Text_IO.Float_Aux is
Aft : Field;
Exp : Field)
is
Buf : String (1 .. 3 * Field'Last + 2);
Buf : String (1 .. Max_Real_Image_Length);
Ptr : Natural := 0;
begin

11
gcc/ada/libgnat/s-imgrea.adb
View File

@ -151,14 +151,9 @@ package body System.Img_Real is
Scale : Integer;
Expon : Integer;
Field_Max : constant := 255;
-- This should be the same value as Ada.[Wide_]Text_IO.Field'Last.
-- It is not worth dragging in Ada.Text_IO to pick up this value,
-- since it really should never be necessary to change it.
Digs : String (1 .. 2 * Field_Max + 16);
-- Array used to hold digits of converted integer value. This is a
-- large enough buffer to accommodate ludicrous values of Fore and Aft.
Digs : String (1 .. Max_Real_Image_Length);
-- Array used to hold digits of converted integer value. This is a large
-- enough buffer to accommodate ludicrous Fore/Aft/Exp combinations.
Ndigs : Natural;
-- Number of digits stored in Digs (and also subscript of last digit)

5
gcc/ada/libgnat/s-imgrea.ads
View File

@ -73,4 +73,9 @@ package System.Img_Real is
-- can be set to any valid values for the case of use from Text_IO. Note
-- that no space is stored at the start for non-negative values.
Max_Real_Image_Length : constant := 5200;
-- If Exp is set to zero and Aft is set to Text_IO.Field'Last (i.e., 255)
-- then Long_Long_Float'Last generates an image whose length is
-- slightly less than 5200.
end System.Img_Real;