
Bug#196908: marked as done (g++-3.3: inconsistent behaviour of -Wall)



Your message dated Wed, 11 Jun 2003 18:58:19 -0400
with message-id <20030611225819.GA29786@nevyn.them.org>
and subject line Bug#196908: g++-3.3: inconsistent behaviour of -Wall
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

--------------------------------------
From: giuseppe bonacci <g.bonacci@libero.it>
To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: g++-3.3: inconsistent behaviour of -Wall
X-Mailer: reportbug 2.10.1
Date: Tue, 10 Jun 2003 19:20:03 +0200

Package: g++-3.3
Version: 1:3.3-3
Severity: normal
Tags: security

I don't know whether g++-3.3 or libstdc++5-3.3-dev is responsible. 
Anyway, here it is:

$ cat a.cc
#include <iostream>
#include <vector>
template <class T> static inline T f(T x) {
        T y;
        return y;
}
int main() {
    std::vector<int> a;
    a.push_back(12);
    std::cout << *f(a.begin()) << '\n';
}

$ cat b.cc
#include <iostream>
#include <vector>
template <class T> static inline T f(T x) {
        T y;
        return y;
}
int main() {
    int b[] = { 34 };
    std::cout << *f(b) << '\n';
}

Now compare the output from g++ on the above files:

$ g++ -O -W -Wall -ansi -pedantic a.cc
$ g++ -O -W -Wall -ansi -pedantic b.cc
b.cc: In function `int main()':
b.cc:7: warning: `int*y' might be used uninitialized in this function

That is, the same template function f issues a (correct) warning
when instantiated for T = int *, but not when instantiated for T =
std::vector<int>::iterator

This behaviour might cause dereferencing invalid iterators
-- uninitialized or initialized by constructor to some default value --
going unnoticed, and eventually raise security issues in setuid executables.

g.b.

-- System Information:
Debian Release: testing/unstable
Architecture: i386
Kernel: Linux bonacci 2.4.20-3-686 #1 Sun May 18 20:26:19 EST 2003 i686
Locale: LANG=C, LC_CTYPE=C

Versions of packages g++-3.3 depends on:
ii  gcc-3.3                       1:3.3-3    The GNU C compiler
ii  gcc-3.3-base                  1:3.3-3    The GNU Compiler Collection (base 
ii  libc6                         2.3.1-16   GNU C Library: Shared libraries an
ii  libstdc++5-3.3-dev            1:3.3-3    The GNU Standard C++ Library v3 (d

-- no debconf information


---------------------------------------
Date: Wed, 11 Jun 2003 18:58:19 -0400
From: Daniel Jacobowitz <dan@debian.org>
To: giuseppe bonacci <g.bonacci@libero.it>, 196908-done@bugs.debian.org
Subject: Re: Bug#196908: g++-3.3: inconsistent behaviour of -Wall
Message-ID: <20030611225819.GA29786@nevyn.them.org>

On Tue, Jun 10, 2003 at 07:20:03PM +0200, giuseppe bonacci wrote:
> Package: g++-3.3
> Version: 1:3.3-3
> Severity: normal
> Tags: security
> 
> I don't know whether g++-3.3 or libstdc++5-3.3-dev is responsible. 
> Anyway, here it is:
> 
> $ cat a.cc
> #include <iostream>
> #include <vector>
> template <class T> static inline T f(T x) {
>         T y;
>         return y;
> }
> int main() {
>     std::vector<int> a;
>     a.push_back(12);
>     std::cout << *f(a.begin()) << '\n';
> }
> 
> $ cat b.cc
> #include <iostream>
> #include <vector>
> template <class T> static inline T f(T x) {
>         T y;
>         return y;
> }
> int main() {
>     int b[] = { 34 };
>     std::cout << *f(b) << '\n';
> }
> 
> Now compare the output from g++ on the above files:
> 
> $ g++ -O -W -Wall -ansi -pedantic a.cc
> $ g++ -O -W -Wall -ansi -pedantic b.cc
> b.cc: In function `int main()':
> b.cc:7: warning: `int*y' might be used uninitialized in this function
> 
> That is, the same template function f issues a (correct) warning
> when instantiated for T = int *, but not when instantiated for T =
> std::vector<int>::iterator
> 
> This behaviour might cause dereferencing invalid iterators
> -- uninitialized or initialized by constructor to some default value --
> going unnoticed, and eventually raise security issues in setuid executables.

This is not a bug.  T y does not initialize when T = int *, but does
call the constructor for std::vector<int>::iterator.

-- 
Daniel Jacobowitz
MontaVista Software                         Debian GNU/Linux Developer
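
Added example, not part of the original thread or of g++/libstdc++: since -Wall only reports the T = int * instantiation, the sketch below makes the "no valid position" state explicit so both instantiations from a.cc and b.cc are refused the same way. Checked, f_checked, known_good and read_or are hypothetical names introduced here.

```cpp
#include <iterator>
#include <vector>

// Hypothetical wrapper (not from the thread): a position plus an explicit
// validity flag, so safety does not depend on T being a raw pointer.
template <class T>
struct Checked { T pos; bool valid; };

// Same shape as the report's f(): ignores x and returns a fresh T.
// T() value-initializes: a pointer becomes null, an iterator is
// default-constructed. Neither may be dereferenced, so valid = false.
template <class T>
Checked<T> f_checked(T /*x*/) {
    Checked<T> r = { T(), false };
    return r;
}

// Wraps a position the caller took from a live, non-empty range.
template <class T>
Checked<T> known_good(T pos) {
    Checked<T> r = { pos, true };
    return r;
}

// Dereferences only when the flag says the position is real.
template <class T>
typename std::iterator_traits<T>::value_type
read_or(const Checked<T>& c,
        typename std::iterator_traits<T>::value_type fallback) {
    return c.valid ? *c.pos : fallback;
}

int iterator_case() {   // a.cc's instantiation: T = std::vector<int>::iterator
    std::vector<int> a;
    a.push_back(12);
    return read_or(f_checked(a.begin()), -1);
}
int pointer_case() {    // b.cc's instantiation: T = int *
    int b[] = { 34 };
    return read_or(f_checked(b), -1);
}
int valid_case() {      // a real position is still readable
    std::vector<int> a;
    a.push_back(12);
    return read_or(known_good(a.begin()), -1);
}
```

Building test binaries with libstdc++'s debug mode (-D_GLIBCXX_DEBUG) turns a dereference of a singular iterator, as in a.cc, into a runtime abort, which the compile-time warning does not cover.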


