1 files changed, 12 insertions, 6 deletions

diff --git a/gdb/eval.c b/gdb/eval.c
index 5d6a594..4a7da00 100644
--- a/gdb/eval.c
+++ b/gdb/eval.c
@@ -1,5 +1,5 @@
 /* Evaluate expressions for GDB.
-   Copyright 1986, 1987, 1989, 1991, 1992, 1993, 1994, 1995, 1996
+   Copyright 1986, 1987, 1989, 1991, 1992, 1993, 1994, 1995, 1996, 1997
    Free Software Foundation, Inc.
 
 This file is part of GDB.
@@ -524,9 +524,6 @@ evaluate_subexp_standard (expect_type, exp, pos, noside)
 	      low_bound = 0;
 	      high_bound = (TYPE_LENGTH (type) / element_size) - 1;
 	    }
-	  if (nargs > (high_bound - low_bound + 1))
-	    /* to avoid memory corruption */
-	    error ("Too many array elements");
 	  index = low_bound;
 	  memset (VALUE_CONTENTS_RAW (array), 0, TYPE_LENGTH (expect_type));
 	  for (tem = nargs;  --nargs >= 0;  )
@@ -551,6 +548,9 @@ evaluate_subexp_standard (expect_type, exp, pos, noside)
 		}
 	      else
 		{
+		  if (index > high_bound)
+		    /* to avoid memory corruption */
+		    error ("Too many array elements");
 		  memcpy (VALUE_CONTENTS_RAW (array)
 			  + (index - low_bound) * element_size,
 			  VALUE_CONTENTS (element),
@@ -1445,7 +1445,8 @@ evaluate_subexp_standard (expect_type, exp, pos, noside)
       arg2 = evaluate_subexp (NULL_TYPE, exp, pos, noside);
       if (noside == EVAL_SKIP)
 	goto nosideret;
-      if (TYPE_CODE (VALUE_TYPE (arg2)) != TYPE_CODE_INT)
+      type = check_typedef (VALUE_TYPE (arg2));
+      if (TYPE_CODE (type) != TYPE_CODE_INT)
 	error ("Non-integral right operand for \"@\" operator.");
       if (noside == EVAL_AVOID_SIDE_EFFECTS)
 	{
@@ -1560,7 +1561,8 @@ evaluate_subexp_standard (expect_type, exp, pos, noside)
 	return value_zero (exp->elts[pc + 1].type, lval_memory);
       else
 	return value_at_lazy (exp->elts[pc + 1].type,
-			      value_as_pointer (arg1));
+			      value_as_pointer (arg1),
+			      NULL);
 
     case UNOP_PREINCREMENT:
       arg1 = evaluate_subexp (expect_type, exp, pos, noside);
@@ -1801,6 +1803,10 @@ evaluate_subexp_for_sizeof (exp, pos)
       (*pos)++;
       val = evaluate_subexp (NULL_TYPE, exp, pos, EVAL_AVOID_SIDE_EFFECTS);
       type = check_typedef (VALUE_TYPE (val));
+      if (TYPE_CODE (type) != TYPE_CODE_PTR
+	  && TYPE_CODE (type) != TYPE_CODE_REF
+	  && TYPE_CODE (type) != TYPE_CODE_ARRAY)
+	error ("Attempt to take contents of a non-pointer value.");
       type = check_typedef (TYPE_TARGET_TYPE (type));
       return value_from_longest (builtin_type_int, (LONGEST)
 		      TYPE_LENGTH (type));