From baea2f9d52d606f6b58a736420017c98351f5b5c Mon Sep 17 00:00:00 2001
From: Tom Tromey
Date: Mon, 17 May 2021 12:55:18 -0600
Subject: Fix buffer underflow in add_path Address sanitizer pointed out a buglet in source.c:add_path. In this test, from gdb.base/source-dir.exp: (gdb) set directories :/foo:/bar ... 'p[-1]' will result in a buffer underflow. This patch fixes the bug by introducing a new check. 2021-05-17 Tom Tromey * source.c (add_path): Check 'p' before using 'p[-1]'.
---
 gdb/source.c | 1 +
 1 file changed, 1 insertion(+) (limited to 'gdb/source.c')
diff --git a/gdb/source.c b/gdb/source.c
index 6fc27ae..b6dab6e 100644
--- a/gdb/source.c
+++ b/gdb/source.c
@@ -537,6 +537,7 @@ add_path (const char *dirname, char **which_path, int parse_separators)
 /* On MS-DOS and MS-Windows, h:\ is different from h: */
 && !(p == name + 3 && name[1] == ':') /* "d:/" */
 #endif
+ && p > name
 && IS_DIR_SEPARATOR (p[-1]))
 /* Sigh. "foo/" => "foo" */
 --p;
-- cgit v1.1
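Review bot: The added `&& p > name` guard is the only condition in this `while` without a comment, and its purpose is not obvious from the code alone: it stops the `p[-1]` read from reaching one byte before the buffer when a path component is empty, as with the leading `:` in `set directories :/foo:/bar` from the commit message. I would annotate it in the style of its neighbours, e.g. `&& p > name /* "" (empty entry): nothing to strip */`. The head of the loop condition and the code after `--p;` lie outside the hunk, so it is worth confirming that what follows tolerates `p == name` (a zero-length component) rather than assuming at least one character remains.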