diff options
| author | Tobias Burnus <burnus@net-b.de> | 2012-12-03 09:56:11 +0100 |
|---|---|---|
| committer | Tobias Burnus <burnus@gcc.gnu.org> | 2012-12-03 09:56:11 +0100 |
| commit | 021aa628c6ecec5c0f67bd8b8fa540156f03a11f (patch) | |
| tree | ddbfbac7cb92eb96312faedaa55f572327bd0afd | |
| parent | 29a7d776ea22f0c3120f6ed2866af6649778c16a (diff) | |
| download | gcc-021aa628c6ecec5c0f67bd8b8fa540156f03a11f.zip gcc-021aa628c6ecec5c0f67bd8b8fa540156f03a11f.tar.gz gcc-021aa628c6ecec5c0f67bd8b8fa540156f03a11f.tar.bz2 | |
re PR fortran/55475 (heap-buffer-overflow in fortran/error.c)
2012-12-03 Tobias Burnus <burnus@net-b.de>
PR fortran/55475
* scanner.c (gfc_next_char_literal): Fix setting locus
to free_line_length for the error message.
* error.c (show_locus): Fix potential out-of-bounds
read.
From-SVN: r194076
| -rw-r--r-- | gcc/fortran/ChangeLog | 10 | ||||
| -rw-r--r-- | gcc/fortran/error.c | 7 | ||||
| -rw-r--r-- | gcc/fortran/scanner.c | 6 |
3 files changed, 19 insertions, 4 deletions
diff --git a/gcc/fortran/ChangeLog b/gcc/fortran/ChangeLog index 84b085a..30f82fd 100644 --- a/gcc/fortran/ChangeLog +++ b/gcc/fortran/ChangeLog @@ -1,4 +1,12 @@ -2012-11-03 Tobias Burnus <burnus@net-b.de> +2012-12-03 Tobias Burnus <burnus@net-b.de> + + PR fortran/55475 + * scanner.c (gfc_next_char_literal): Fix setting locus + to free_line_length for the error message. + * error.c (show_locus): Fix potential out-of-bounds + read. + +2012-12-03 Tobias Burnus <burnus@net-b.de> PR fortran/37336 * class.c (finalizer_insert_packed_call): New static function. diff --git a/gcc/fortran/error.c b/gcc/fortran/error.c index 4b06156..611540c 100644 --- a/gcc/fortran/error.c +++ b/gcc/fortran/error.c @@ -387,7 +387,7 @@ show_locus (locus *loc, int c1, int c2) cmax -= offset; p = &(lb->line[offset]); - for (i = 0; i <= cmax; i++) + for (i = 0; i < cmax; i++) { int spaces, j; spaces = gfc_widechar_display_length (*p++); @@ -401,6 +401,11 @@ show_locus (locus *loc, int c1, int c2) error_char (' '); } + if (i == c1) + error_char ('1'); + else if (i == c2) + error_char ('2'); + error_char ('\n'); } diff --git a/gcc/fortran/scanner.c b/gcc/fortran/scanner.c index e0556a9..765c0f9 100644 --- a/gcc/fortran/scanner.c +++ b/gcc/fortran/scanner.c @@ -1068,10 +1068,12 @@ restart: && gfc_current_locus.lb->truncated) { int maxlen = gfc_option.free_line_length; + gfc_char_t *current_nextc = gfc_current_locus.nextc; + gfc_current_locus.lb->truncated = 0; - gfc_current_locus.nextc += maxlen; + gfc_current_locus.nextc = gfc_current_locus.lb->line + maxlen; gfc_warning_now ("Line truncated at %L", &gfc_current_locus); - gfc_current_locus.nextc -= maxlen; + gfc_current_locus.nextc = current_nextc; } if (c != '&') |