Fix several crashes of C++ demangler on fuzzed input.

libiberty/
	* cp-demangle.c (d_dump): Fix syntax error.
	(d_identifier): Adjust type of len to match d_source_name.
	(d_expression_1): Fix out-of-bounds access.  Check code variable for
	NULL before dereferencing it.
	(d_find_pack): Do not recurse for FIXED_TYPE, DEFAULT_ARG and NUMBER.
	(d_print_comp_inner): Add NULL pointer check.
	* cp-demangle.h (d_peek_next_char): Define as inline function when
	CHECK_DEMANGLER is defined.
	(d_advance): Likewise.
	* testsuite/demangle-expected: Add new testcases.

git-svn-id: svn+ssh://gcc.gnu.org/svn/gcc/trunk@225727 138bc75d-0d04-0410-961f-82ee72b054a4

1 files changed, 13 insertions, 0 deletions

diff --git a/libiberty/ChangeLog b/libiberty/ChangeLog
index 65abd11..985e4ae 100644
--- a/libiberty/ChangeLog
+++ b/libiberty/ChangeLog
@@ -52,6 +52,19 @@
 
 	* configure: Regenerated.
 
+2015-07-13  Mikhail Maltsev  <maltsevm@gmail.com>
+
+	* cp-demangle.c (d_dump): Fix syntax error.
+	(d_identifier): Adjust type of len to match d_source_name.
+	(d_expression_1): Fix out-of-bounds access.  Check code variable for
+	NULL before dereferencing it.
+	(d_find_pack): Do not recurse for FIXED_TYPE, DEFAULT_ARG and NUMBER.
+	(d_print_comp_inner): Add NULL pointer check.
+	* cp-demangle.h (d_peek_next_char): Define as inline function when
+	CHECK_DEMANGLER is defined.
+	(d_advance): Likewise.
+	* testsuite/demangle-expected: Add new testcases.
+
 2015-07-09  Uros Bizjak  <ubizjak@gmail.com>
 
 	* getruntime.c (RUSAGE_SELF): Define if not already defined.