Fix latent crash in ada_variant_discrim_name

ada_variant_discrim_name does this: for (discrim_end = name + strlen (name) - 6; discrim_end != name; If NAME is too short, this will construct an invalid pointer, perhaps causing a crash. This patch arranges to check the length first.
author: Tom Tromey <tromey@adacore.com> 2024-09-09 11:29:12 -0600
committer: Tom Tromey <tromey@adacore.com> 2025-03-06 14:17:17 -0700
commit: 56ddbf72843c0fa1badd68e71c5ba076f626c5c5 (patch)
tree: 3a032dc23e8252fe4e9e5bdcd2d51a516cc75d09 /gdb/ada-lang.c
parent: 29faeceaa8a7833c1234f9980266c84c7c6b9d02 (diff)
download: binutils-56ddbf72843c0fa1badd68e71c5ba076f626c5c5.zip
binutils-56ddbf72843c0fa1badd68e71c5ba076f626c5c5.tar.gz
binutils-56ddbf72843c0fa1badd68e71c5ba076f626c5c5.tar.bz2
1 files changed, 4 insertions, 2 deletions
diff --git a/gdb/ada-lang.c b/gdb/ada-lang.c
index 95ceb10..aef2b1d 100644
--- a/gdb/ada-lang.c
+++ b/gdb/ada-lang.c
@@ -6685,8 +6685,10 @@ ada_variant_discrim_name (struct type *type0)
   if (name == NULL || name[0] == '\000')
     return "";
 
-  for (discrim_end = name + strlen (name) - 6; discrim_end != name;
-       discrim_end -= 1)
+  size_t len = strlen (name);
+  if (len < 6)
+    return "";
+  for (discrim_end = name + len - 6; discrim_end != name; discrim_end -= 1)
     {
       if (startswith (discrim_end, "___XVN"))
 	break;
author	Tom Tromey <tromey@adacore.com>	2024-09-09 11:29:12 -0600
committer	Tom Tromey <tromey@adacore.com>	2025-03-06 14:17:17 -0700
commit	56ddbf72843c0fa1badd68e71c5ba076f626c5c5 (patch)
tree	3a032dc23e8252fe4e9e5bdcd2d51a516cc75d09 /gdb/ada-lang.c
parent	29faeceaa8a7833c1234f9980266c84c7c6b9d02 (diff)
download	binutils-56ddbf72843c0fa1badd68e71c5ba076f626c5c5.zip binutils-56ddbf72843c0fa1badd68e71c5ba076f626c5c5.tar.gz binutils-56ddbf72843c0fa1badd68e71c5ba076f626c5c5.tar.bz2