public inbox for gcc-patches@gcc.gnu.org
* [PATCH] PR c++/71184: Fix NULL dereference in cp_parser_operator
@ 2016-05-19  0:34 David Malcolm
  2016-05-19 13:43 ` Jason Merrill
  0 siblings, 1 reply; 2+ messages in thread
From: David Malcolm @ 2016-05-19  0:34 UTC
  To: gcc-patches; +Cc: David Malcolm

The source-range handling for the array form of operator
new/delete erroneously assumed that the "]" was present,
leading to a dereference of NULL when it's absent.

Fix it thusly.

Successfully bootstrapped&regrtested on x86_64-pc-linux-gnu;
adds 6 PASS results to g++.sum.

OK for trunk and gcc-6-branch?

gcc/cp/ChangeLog:
	PR c++/71184
	* parser.c (cp_parser_operator): For array new/delete, check that
	cp_parser_require returned a non-NULL token before dereferencing
	it.

gcc/testsuite/ChangeLog:
	PR c++/71184
	* g++.dg/pr71184.C: New test case.
---
 gcc/cp/parser.c                | 6 ++++--
 gcc/testsuite/g++.dg/pr71184.C | 1 +
 2 files changed, 5 insertions(+), 2 deletions(-)
 create mode 100644 gcc/testsuite/g++.dg/pr71184.C

diff --git a/gcc/cp/parser.c b/gcc/cp/parser.c
index 539f165..1d1e574 100644
--- a/gcc/cp/parser.c
+++ b/gcc/cp/parser.c
@@ -13791,8 +13791,10 @@ cp_parser_operator (cp_parser* parser)
 	    /* Consume the `[' token.  */
 	    cp_lexer_consume_token (parser->lexer);
 	    /* Look for the `]' token.  */
-	    end_loc = cp_parser_require (parser, CPP_CLOSE_SQUARE,
-                                         RT_CLOSE_SQUARE)->location;
+	    cp_token *close_token =
+	      cp_parser_require (parser, CPP_CLOSE_SQUARE, RT_CLOSE_SQUARE);
+	    if (close_token)
+	      end_loc = close_token->location;
 	    id = ansi_opname (op == NEW_EXPR
 			      ? VEC_NEW_EXPR : VEC_DELETE_EXPR);
 	  }
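
Review bot: when cp_parser_require returns NULL, the new `if (close_token)` skips the assignment and end_loc keeps whatever value it held on entry to this block, which these lines do not show. Please confirm end_loc is initialised earlier in cp_parser_operator (for instance to the operator token's location) so that any range built from it after this block never reads an indeterminate location; if it is not, add an else branch or an initialiser. As a style point, the declaration is split after the `=`; GNU style breaks the line before the operator.
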
diff --git a/gcc/testsuite/g++.dg/pr71184.C b/gcc/testsuite/g++.dg/pr71184.C
new file mode 100644
index 0000000..452303e
--- /dev/null
+++ b/gcc/testsuite/g++.dg/pr71184.C
@@ -0,0 +1 @@
+operator new[ // { dg-error "expected type-specifier before 'new'" }
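
Review bot: the new test is a single line with no comment saying what it guards, and its only dg-error matches the "expected type-specifier before 'new'" diagnostic rather than anything about the missing `]`, so a later reader cannot tell from the file that it is a regression test for a crash on an unterminated `new[`. Consider adding a leading `// PR c++/71184` line and a short comment that the missing `]` used to cause a NULL dereference in cp_parser_operator.
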
-- 
1.8.5.3


* Re: [PATCH] PR c++/71184: Fix NULL dereference in cp_parser_operator
  2016-05-19  0:34 [PATCH] PR c++/71184: Fix NULL dereference in cp_parser_operator David Malcolm
@ 2016-05-19 13:43 ` Jason Merrill
  0 siblings, 0 replies; 2+ messages in thread
From: Jason Merrill @ 2016-05-19 13:43 UTC
  To: David Malcolm, gcc-patches

On 05/18/2016 08:59 PM, David Malcolm wrote:
> +	    cp_token *close_token =
> +	      cp_parser_require (parser, CPP_CLOSE_SQUARE, RT_CLOSE_SQUARE);
> +	    if (close_token)
> +	      end_loc = close_token->location;

You could combine these into

if (cp_token *close_token
     = cp_parser_require (parser, CPP_CLOSE_SQUARE, RT_CLOSE_SQUARE))
   end_loc = close_token->location;

(also splitting the line before the = rather than after).

OK.

Jason
