public inbox for gcc-cvs@sourceware.org
help / color / mirror / Atom feed
* [gcc(refs/users/guojiufu/heads/personal-branch)] PR fortran/95091 - Buffer overflows with submodules and long symbols
@ 2020-06-10 3:43 Jiu Fu Guo
0 siblings, 0 replies; 2+ messages in thread
From: Jiu Fu Guo @ 2020-06-10 3:43 UTC (permalink / raw)
To: gcc-cvs
https://gcc.gnu.org/g:5aaccde3db39fac7e7f6677ceccc1eadd9c6a424
commit 5aaccde3db39fac7e7f6677ceccc1eadd9c6a424
Author: Harald Anlauf <anlauf@gmx.de>
Date: Sun Jun 7 16:43:12 2020 +0200
PR fortran/95091 - Buffer overflows with submodules and long symbols
Add cast to fix bootstrap error with -Werror=sign-compare.
gcc/fortran/
PR fortran/95091
* class.c (gfc_hash_value): Add cast.
Diff:
---
gcc/fortran/class.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/gcc/fortran/class.c b/gcc/fortran/class.c
index 8bb73502f5d..2b55859ce75 100644
--- a/gcc/fortran/class.c
+++ b/gcc/fortran/class.c
@@ -540,7 +540,7 @@ gfc_hash_value (gfc_symbol *sym)
get_unique_type_string (&c[0], sym);
len = strnlen (c, sizeof (c));
- gcc_assert (len < sizeof (c));
+ gcc_assert ((size_t) len < sizeof (c));
for (i = 0; i < len; i++)
hash = (hash << 6) + (hash << 16) - hash + c[i];
^ permalink raw reply [flat|nested] 2+ messages in thread
* [gcc(refs/users/guojiufu/heads/personal-branch)] PR fortran/95091 - Buffer overflows with submodules and long symbols
@ 2020-06-10 3:43 Jiu Fu Guo
0 siblings, 0 replies; 2+ messages in thread
From: Jiu Fu Guo @ 2020-06-10 3:43 UTC (permalink / raw)
To: gcc-cvs
https://gcc.gnu.org/g:b342cfd648e6658363c7c8fef83af8f59dba1795
commit b342cfd648e6658363c7c8fef83af8f59dba1795
Author: Harald Anlauf <anlauf@gmx.de>
Date: Sun Jun 7 14:47:24 2020 +0200
PR fortran/95091 - Buffer overflows with submodules and long symbols
With submodules, name mangling results in long internal symbols. This
requires adjustment of the sizes of temporaries to avoid buffer overflows.
2020-06-07 Harald Anlauf <anlauf@gmx.de>
gcc/fortran/
PR fortran/95091
* class.c (get_unique_type_string, gfc_hash_value): Enlarge
buffers, and check whether the strings returned by
get_unique_type_string() fit.
Diff:
---
gcc/fortran/class.c | 13 ++++++++-----
gcc/testsuite/gfortran.dg/pr95091.f90 | 19 +++++++++++++++++++
2 files changed, 27 insertions(+), 5 deletions(-)
diff --git a/gcc/fortran/class.c b/gcc/fortran/class.c
index b1764073ab4..8bb73502f5d 100644
--- a/gcc/fortran/class.c
+++ b/gcc/fortran/class.c
@@ -509,9 +509,11 @@ get_unique_type_string (char *string, gfc_symbol *derived)
static void
get_unique_hashed_string (char *string, gfc_symbol *derived)
{
- /* Provide sufficient space to hold "symbol_Pdtsymbol". */
- char tmp[2*GFC_MAX_SYMBOL_LEN+5];
+ /* Provide sufficient space to hold "symbol.symbol_symbol". */
+ char tmp[3*GFC_MAX_SYMBOL_LEN+3];
get_unique_type_string (&tmp[0], derived);
+ size_t len = strnlen (tmp, sizeof (tmp));
+ gcc_assert (len < sizeof (tmp));
/* If string is too long, use hash value in hex representation (allow for
extra decoration, cf. gfc_build_class_symbol & gfc_find_derived_vtab).
We need space to for 15 characters "__class_" + symbol name + "_%d_%da",
@@ -532,12 +534,13 @@ unsigned int
gfc_hash_value (gfc_symbol *sym)
{
unsigned int hash = 0;
- /* Provide sufficient space to hold "symbol_Pdtsymbol". */
- char c[2*GFC_MAX_SYMBOL_LEN+5];
+ /* Provide sufficient space to hold "symbol.symbol_symbol". */
+ char c[3*GFC_MAX_SYMBOL_LEN+3];
int i, len;
get_unique_type_string (&c[0], sym);
- len = strlen (c);
+ len = strnlen (c, sizeof (c));
+ gcc_assert (len < sizeof (c));
for (i = 0; i < len; i++)
hash = (hash << 6) + (hash << 16) - hash + c[i];
diff --git a/gcc/testsuite/gfortran.dg/pr95091.f90 b/gcc/testsuite/gfortran.dg/pr95091.f90
new file mode 100644
index 00000000000..1c48dca2f4a
--- /dev/null
+++ b/gcc/testsuite/gfortran.dg/pr95091.f90
@@ -0,0 +1,19 @@
+! { dg-do compile }
+! { dg-options "-fsecond-underscore" }
+! PR fortran/95091 - ICE in gfc_hash_value
+
+module m2345678901234567890123456789012345678901234567890123456789_123
+ type t2345678901234567890123456789012345678901234567890123456789_123
+ end type t2345678901234567890123456789012345678901234567890123456789_123
+ interface
+ module subroutine s2345678901234567890123456789012345678901234567890123456789_123 &
+ (x2345678901234567890123456789012345678901234567890123456789_123)
+ end
+ end interface
+end
+submodule(m2345678901234567890123456789012345678901234567890123456789_123) &
+ n2345678901234567890123456789012345678901234567890123456789_123
+ type, extends(t2345678901234567890123456789012345678901234567890123456789_123) :: &
+ u2345678901234567890123456789012345678901234567890123456789_123
+ end type
+end
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2020-06-10 3:43 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2020-06-10 3:43 [gcc(refs/users/guojiufu/heads/personal-branch)] PR fortran/95091 - Buffer overflows with submodules and long symbols Jiu Fu Guo
-- strict thread matches above, loose matches on Subject: below --
2020-06-10 3:43 Jiu Fu Guo
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).