diff options
| author | Ben L <bobsayshilol@live.co.uk> | 2019-04-30 14:32:38 +0000 |
|---|---|---|
| committer | Jeff Law <law@gcc.gnu.org> | 2019-04-30 08:32:38 -0600 |
| commit | 81adfd10c9527402ba94963e960b8f70ea52bdca (patch) | |
| tree | 71dce8119cc5a1cd1b3057e44dfff36309316305 /libiberty | |
| parent | 80024f3180b9c4c904cd65323e1d1333cf19d1fe (diff) | |
d-demangle.c (dlang_parse_integer): Fix stack underflow.
* d-demangle.c (dlang_parse_integer): Fix stack underflow.
* testsuite/d-demangle-expected: Add testcase.
From-SVN: r270696
Diffstat (limited to 'libiberty')
| -rw-r--r-- | libiberty/ChangeLog | 3 | ||||
| -rw-r--r-- | libiberty/d-demangle.c | 6 | ||||
| -rw-r--r-- | libiberty/testsuite/d-demangle-expected | 4 |
3 files changed, 10 insertions, 3 deletions
diff --git a/libiberty/ChangeLog b/libiberty/ChangeLog index 6e9691c6bae..76a974d6526 100644 --- a/libiberty/ChangeLog +++ b/libiberty/ChangeLog @@ -1,5 +1,8 @@ 2019-04-30 Ben L <bobsayshilol@live.co.uk> + * d-demangle.c (dlang_parse_integer): Fix stack underflow. + * testsuite/d-demangle-expected: Add testcase. + * cp-demangle (d_print_comp_inner): Guard against a NULL 'typed_name'. * testsuite/demangle-expected: Add testcase. diff --git a/libiberty/d-demangle.c b/libiberty/d-demangle.c index 8acbf046f26..114d9e0ef73 100644 --- a/libiberty/d-demangle.c +++ b/libiberty/d-demangle.c @@ -939,8 +939,8 @@ dlang_parse_integer (string *decl, const char *mangled, char type) if (type == 'a' || type == 'u' || type == 'w') { /* Parse character value. */ - char value[10]; - int pos = 10; + char value[20]; + int pos = sizeof(value); int width = 0; long val; @@ -991,7 +991,7 @@ dlang_parse_integer (string *decl, const char *mangled, char type) for (; width > 0; width--) value[--pos] = '0'; - string_appendn (decl, &(value[pos]), 10 - pos); + string_appendn (decl, &(value[pos]), sizeof(value) - pos); } string_append (decl, "'"); } diff --git a/libiberty/testsuite/d-demangle-expected b/libiberty/testsuite/d-demangle-expected index 547a2ddec39..998823899b5 100644 --- a/libiberty/testsuite/d-demangle-expected +++ b/libiberty/testsuite/d-demangle-expected @@ -1306,3 +1306,7 @@ rt.lifetime._d_newarrayOpT!(_d_newarrayiT)._d_newarrayOpT(const(TypeInfo), ulong --format=dlang _D4core8demangle16__T6mangleTFZPvZ6mangleFNaNbNfAxaAaZ11DotSplitter5emptyMxFNaNbNdNiNfZb core.demangle.mangle!(void*() function).mangle(const(char)[], char[]).DotSplitter.empty() const +# Could crash +--format=dlang +_D8__T2fnVa8888888888888_ +_D8__T2fnVa8888888888888_ |