
Fixed compilation for GCC 12.2.0 use-after-free error

Open hitomi-nakayama opened this issue 2 years ago • 1 comments

GCC 12.2.0 will complain about use-after-free and refuse to compile about_arrays.c.

Error log before fix
rm -f -r build bin
gcc -std=gnu11 -Wall -Werror -Wno-unused-function -Wno-nonnull -I include src/about_arrays.c -c -o build/about_arrays.o
In file included from /usr/include/criterion/internal/assert.h:28,
                 from /usr/include/criterion/assert.h:1681,
                 from /usr/include/criterion/criterion.h:32,
                 from include/c_koans.h:1,
                 from src/about_arrays.c:1:
src/about_arrays.c: In function ‘about_arrays_what_is_an_array_impl’:
src/about_arrays.c:107:39: error: pointer ‘yet_another_array’ may be used after ‘realloc’ [-Werror=use-after-free]
  107 |         cr_assert_eq(yet_another_array[i], TODO,
      |                                       ^
src/about_arrays.c:96:10: note: call to ‘realloc’ here
   96 |     if (!realloc(yet_another_array, INIT_ARR_SIZE * sizeof(int))) {
      |          ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
src/about_arrays.c:103:30: error: pointer ‘yet_another_array’ may be used after ‘realloc’ [-Werror=use-after-free]
  103 |         if (yet_another_array[i] == INIT_ARR_SIZE + 1) {
      |                              ^
src/about_arrays.c:96:10: note: call to ‘realloc’ here
   96 |     if (!realloc(yet_another_array, INIT_ARR_SIZE * sizeof(int))) {
      |          ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
src/about_arrays.c:100:22: error: pointer ‘yet_another_array’ may be used after ‘realloc’ [-Werror=use-after-free]
  100 |     yet_another_array[INIT_ARR_SIZE] = 6;
      |                      ^
src/about_arrays.c:96:10: note: call to ‘realloc’ here
   96 |     if (!realloc(yet_another_array, INIT_ARR_SIZE * sizeof(int))) {
      |          ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
cc1: all warnings being treated as errors
make: *** [Makefile:35: build/about_arrays.o] Error 1

To fix this issue, I added the -Wno-use-after-free compilation flag.

hitomi-nakayama, Jan 19 '23 21:01

Thanks for the help, really appreciate it! Instead of silencing the error, perhaps we should fix it. I think we can have realloc overwrite the same pointer value instead of trusting the input pointer is the same after the realloc call.

yet_another_array = realloc(yet_another_array, INIT_ARR_SIZE * sizeof(int));
if (!yet_another_array) {

nbbeeken, Jan 21 '23 19:01
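
An added example (not code from the c_koans repository or from either commenter) of a resize that satisfies the `-Wuse-after-free` diagnostic quoted above: realloc's result goes through a temporary, so the old block is never touched after a move and is still owned by the caller if the call fails. The helper names `grow_int_array` and `demo_grow` and the value of `INIT_ARR_SIZE` are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

#define INIT_ARR_SIZE 5 /* assumed value; the page does not show the definition */

/* Pattern GCC 12 rejects (shown as a comment, not compiled):
 *     if (!realloc(arr, n * sizeof(int))) { ... }
 *     arr[0] = 1;   // arr may have been freed and moved by realloc
 */

/* Hypothetical helper: resize *arr to new_count ints.
 * Returns 0 on success and updates *arr; returns -1 on failure and
 * leaves *arr pointing at the original, still-valid block. */
static int grow_int_array(int **arr, size_t new_count)
{
    if (new_count == 0 || new_count > SIZE_MAX / sizeof(int))
        return -1;                 /* reject zero size and size overflow */
    int *tmp = realloc(*arr, new_count * sizeof(int));
    if (tmp == NULL)
        return -1;                 /* old block untouched, caller still owns it */
    *arr = tmp;                    /* only now forget the old pointer */
    return 0;
}

/* Fill, grow by one element, write the new slot; returns the element sum
 * or -1 on allocation failure. */
static int demo_grow(void)
{
    int *yet_another_array = malloc(INIT_ARR_SIZE * sizeof(int));
    if (yet_another_array == NULL)
        return -1;
    for (int i = 0; i < INIT_ARR_SIZE; i++)
        yet_another_array[i] = i;              /* 0+1+2+3+4 = 10 */
    if (grow_int_array(&yet_another_array, INIT_ARR_SIZE + 1) != 0) {
        free(yet_another_array);               /* no leak on failure */
        return -1;
    }
    yet_another_array[INIT_ARR_SIZE] = 6;      /* in bounds after the grow */
    int sum = 0;
    for (int i = 0; i <= INIT_ARR_SIZE; i++)
        sum += yet_another_array[i];
    free(yet_another_array);
    return sum;
}

int main(void) { printf("sum = %d\n", demo_grow()); return 0; }
```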