[PATCH] Fortran: fix NULL pointer dereference in gfc_check_dependency [PR108502]

[PATCH] Fortran: fix NULL pointer dereference in gfc_check_dependency [PR108502]

[Harald Anlauf]

[-- Attachment #1: Type: text/plain, Size: 282 bytes --]

Dear all,

the code in the PR demonstrates that dependency checking in the
frontend optimization was not recovering well from invalid code,
leading to a NULL pointer dereference.  An easy and really obvious
fix.

Regtested on x86_64-pc-linux-gnu.  OK for mainline?

Thanks,
Harald


[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #2: pr108502.diff --]
[-- Type: text/x-patch, Size: 1850 bytes --]

From d27e1b13ba312411ce271f5122f694ffe6c051e6 Mon Sep 17 00:00:00 2001
From: Harald Anlauf <anlauf@gmx.de>
Date: Mon, 23 Jan 2023 22:13:44 +0100
Subject: [PATCH] Fortran: fix NULL pointer dereference in gfc_check_dependency
 [PR108502]

gcc/fortran/ChangeLog:

	PR fortran/108502
	* dependency.cc (gfc_check_dependency): Prevent NULL pointer
	dereference while recursively checking expressions.

gcc/testsuite/ChangeLog:

	PR fortran/108502
	* gfortran.dg/pr108502.f90: New test.
---
 gcc/fortran/dependency.cc              |  5 +++++
 gcc/testsuite/gfortran.dg/pr108502.f90 | 12 ++++++++++++
 2 files changed, 17 insertions(+)
 create mode 100644 gcc/testsuite/gfortran.dg/pr108502.f90

diff --git a/gcc/fortran/dependency.cc b/gcc/fortran/dependency.cc
index 43417a6ec76..9117825ee6e 100644
--- a/gcc/fortran/dependency.cc
+++ b/gcc/fortran/dependency.cc
@@ -1292,6 +1292,11 @@ gfc_check_dependency (gfc_expr *expr1, gfc_expr *expr2, bool identical)
   if (expr1->expr_type != EXPR_VARIABLE)
     gfc_internal_error ("gfc_check_dependency: expecting an EXPR_VARIABLE");

+  /* Prevent NULL pointer dereference while recursively analyzing invalid
+     expressions.  */
+  if (expr2 == NULL)
+    return 0;
+
   switch (expr2->expr_type)
     {
     case EXPR_OP:
diff --git a/gcc/testsuite/gfortran.dg/pr108502.f90 b/gcc/testsuite/gfortran.dg/pr108502.f90
new file mode 100644
index 00000000000..45f73849c57
--- /dev/null
+++ b/gcc/testsuite/gfortran.dg/pr108502.f90
@@ -0,0 +1,12 @@
+! { dg-do compile }
+! { dg-options "-O2 -ffrontend-optimize" }
+! PR fortran/108502 - ICE in gfc_check_dependency
+! Contributed by G.Steinmetz
+
+integer function n()
+  integer :: a(1)
+  a = [1] / 0
+end
+program p
+  integer :: b = n() ! { dg-error "must be an intrinsic function" }
+end
--
2.35.3

Re: [PATCH] Fortran: fix NULL pointer dereference in gfc_check_dependency [PR108502]

[Thomas Koenig]

Hi Harald,

> the code in the PR demonstrates that dependency checking in the
> frontend optimization was not recovering well from invalid code,
> leading to a NULL pointer dereference.  An easy and really obvious
> fix.
> 
> Regtested on x86_64-pc-linux-gnu.  OK for mainline?

Yes indeed (and I would not have minded if you had indeed
committed it as obvious and simple).

Thanks for the patch!

Best regards

	Thomas

Re: [PATCH] Fortran: fix NULL pointer dereference in gfc_check_dependency [PR108502]

[Steve Kargl]

On Mon, Jan 23, 2023 at 10:23:54PM +0100, Harald Anlauf via Fortran wrote:
> 
> the code in the PR demonstrates that dependency checking in the
> frontend optimization was not recovering well from invalid code,
> leading to a NULL pointer dereference.  An easy and really obvious
> fix.
> 
> Regtested on x86_64-pc-linux-gnu.  OK for mainline?
> 

Yes.  I agree patch looks obvious once the issue is found.
Thanks for the patch.

-- 
Steve