diff options
| author | Harald Anlauf <anlauf@gmx.de> | 2020-06-05 20:30:34 +0200 |
|---|---|---|
| committer | Harald Anlauf <anlauf@gmx.de> | 2020-06-05 20:30:34 +0200 |
| commit | bcd96c9cce962ca5b2c6f8459597fb759f945ccf (patch) | |
| tree | b6cbc17be1ba2a7c27d6d2c462b85a31da62f251 /gcc/fortran/trans-common.c | |
| parent | 608832716e27ca356ee38d14ae30b3ab525884ea (diff) | |
| download | gcc-bcd96c9cce962ca5b2c6f8459597fb759f945ccf.zip gcc-bcd96c9cce962ca5b2c6f8459597fb759f945ccf.tar.gz gcc-bcd96c9cce962ca5b2c6f8459597fb759f945ccf.tar.bz2 | |
PR fortran/95530, PR fortran/95537 - Buffer overflows with long symbols
The testcases for PR95090 and PR95106 trigger buffer overflows with long
symbols that were found with an instrumented compiler. Enlarge the
affected buffers, and add checks that the buffers will suffice.
2020-06-05 Harald Anlauf <anlauf@gmx.de>
gcc/fortran/
PR fortran/95530
PR fortran/95537
* decl.c (gfc_match_decl_type_spec): Enlarge buffer, and enhance
string copy to detect buffer overflow.
* gfortran.h (gfc_common_head): Enlarge buffer.
* trans-common.c (finish_equivalences): Enhance string copy to
detect buffer overflow.
Diffstat (limited to 'gcc/fortran/trans-common.c')
| -rw-r--r-- | gcc/fortran/trans-common.c | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/gcc/fortran/trans-common.c b/gcc/fortran/trans-common.c index 3775a8b..1acc336 100644 --- a/gcc/fortran/trans-common.c +++ b/gcc/fortran/trans-common.c @@ -1314,7 +1314,11 @@ finish_equivalences (gfc_namespace *ns) c->where = ns->proc_name->declared_at; else if (ns->is_block_data) c->where = ns->sym_root->n.sym->declared_at; - strcpy (c->name, z->module); + + size_t len = strlen (z->module); + gcc_assert (len < sizeof (c->name)); + memcpy (c->name, z->module, len); + c->name[len] = '\0'; } else c = NULL; |