simulator: fix variadic iteration UB

The current logic calls va_arg() once after the actual last argument has been retrieved. While this should usually not cause real-world problems, it is undefined behaviour caught by AddressSanitizer.

simulator: fix variadic iteration UB
0e1e8c65 · Marvin Häuser · a488a6a8 · 0e1e8c65 · 0e1e8c65 · 0e1e8c65
Commit 0e1e8c65 authored 1 year ago by Marvin Häuser
--- a/simulators/c++2/src_simulator/app/Parameter.h
+++ b/simulators/c++2/src_simulator/app/Parameter.h
@@ -71,15 +71,14 @@ public:
 	SizedParameter(){
 	}
-	SizedParameter(const T& ip1 ...){
+	SizedParameter(const T ip1 ...){
 //#if size>0
 		if (size!=0){
-			T arg=ip1;
 			va_list args; // argument list
 			va_start(args, ip1); // initialize args
-			for (unsigned int i=0;i<size;i++){
+			_p[0]=ip1;
-				_p[i]=arg;
+			for (unsigned int i=1;i<size;i++){
-				arg=va_arg(args, T);
+				_p[i]=va_arg(args, T);
 			}
 		}
 //#endif
@@ -143,12 +142,11 @@ public:
 	}
 	/* template <typename T, int size> void SizedParameter<T,size>::setP(T ip1 ...){
-		T arg=ip1;
 		va_list args; // argument list
 		va_start(args, ip1); // initialize args
-		for (unsigned int i=0;i<size;i++){
+		_p[0]=ip1;
-			_p[i]=arg;
+		for (unsigned int i=1;i<size;i++){
-			arg=va_arg(args, T);
+			_p[i]=va_arg(args, T);
 		}
 	}*/

--- a/simulators/c++2/src_simulator/definitions.h
+++ b/simulators/c++2/src_simulator/definitions.h
@@ -72,6 +72,7 @@ Ludovic Apvrille, Renaud Pacalet
 #include <sys/resource.h>
 #include <unistd.h>
 #include "penalties.h"
+#include <assert.h>
 #define WRITE_STREAM(s,v) s.write((char*) &v,sizeof(v)); 
@@ -775,15 +776,15 @@ inline T StringToNum(const std::string& iStr){
 */
 template<typename T>
 T* array(unsigned int noArgs, T arg1 ...){
-	T arg=arg1;
+	assert(noArgs > 0);
 	T* newArray;
 	unsigned int i;
 	va_list args; // argument list
 	va_start(args, arg1); // initialize args
 	newArray=new T[noArgs];
-	for (i=0;i<noArgs;i++){
+	newArray[0] = arg1;
-		newArray[i]=arg;
+	for (i=1;i<noArgs;i++){
-		arg=va_arg(args, T);
+		newArray[i]=va_arg(args, T);
 	}
 	va_end(args); // clean up args
 	return newArray;

--- a/simulators/c++av/src_simulator/definitions.h
+++ b/simulators/c++av/src_simulator/definitions.h
@@ -64,6 +64,7 @@ Ludovic Apvrille, Renaud Pacalet
 #include <netinet/in.h>
 #include <pthread.h>
 #include <dlfcn.h> 
+#include <assert.h>
 #define xx__VARS(a1, a2, a3, a4, a5, a6, a7, a8, ...) (void*)&(a1), sizeof(a1), (void*)&(a2), sizeof(a2), (void*)&(a3), sizeof(a3), (void*)&(a4), sizeof(a4), (void*)&(a5), sizeof(a5), (void*)&(a6), sizeof(a6), (void*)&(a7), sizeof(a7), (void*)&(a8), sizeof(a8)
 #define xx__SIZE(a1, a2, a3, a4, a5, a6, a7, a8, ...) sizeof(a1)+sizeof(a2)+sizeof(a3)+sizeof(a4)+sizeof(a5)+sizeof(a6)+sizeof(a7)+sizeof(a8)
@@ -138,15 +139,14 @@ public:
 */
 template<typename T>
 T* array(unsigned int noArgs, T arg1 ...){
-	T arg=arg1;
+	assert(noArgs > 0);
 	T* newArray;
 	unsigned int i;
 	va_list args; // argument list
 	va_start(args, arg1); // initialize args
 	newArray=new T[noArgs];
-	for (i=0;i<noArgs;i++){
+	for (i=1;i<noArgs;i++){
-		newArray[i]=arg;
+		newArray[i]=va_arg(args, T);
-		arg=va_arg(args, T);
 	}
 	va_end(args); // clean up args
 	return newArray;