re PR libfortran/81938 (valgrind error message and heap-buffer-overflow on address...

author Jerry DeLisle <jvdelisle@gcc.gnu.org>

Fri, 27 Oct 2017 17:50:22 +0000 (17:50 +0000)

committer Jerry DeLisle <jvdelisle@gcc.gnu.org>

Fri, 27 Oct 2017 17:50:22 +0000 (17:50 +0000)
author Jerry DeLisle <jvdelisle@gcc.gnu.org>
Fri, 27 Oct 2017 17:50:22 +0000 (17:50 +0000)
committer Jerry DeLisle <jvdelisle@gcc.gnu.org>
Fri, 27 Oct 2017 17:50:22 +0000 (17:50 +0000)
diff --git a/libgfortran/ChangeLog b/libgfortran/ChangeLog

index ef9ef19b68b6d53e70eb130b8392289246fc4724..9e52ece6e1532a465aa9951e702c4a5f0518f369 100644 (file)
--- a/libgfortran/ChangeLog
+++ b/libgfortran/ChangeLog
@@ -1,3 +1,10 @@
+2017-10-27  Jerry DeLisle  <jvdelisle@gcc.gnu.org>
+           Rimvydas (RJ)
+
+       PR libgfortran/81938
+       io/format.c (free_format_data): Don't try to free vlist
+       descriptors past the end of the fnode array.
+       
  2017-10-10  Thomas Koenig  <tkoenig@gcc.gnu.org>
  
         PR libfortran/82233
diff --git a/libgfortran/io/format.c b/libgfortran/io/format.c

index bd14ac37bb3e15da30d1a654949b4f96adc1a366..c2abdd7b3af891cc3c814fb7d254fd9cbdcc80dc 100644 (file)
--- a/libgfortran/io/format.c
+++ b/libgfortran/io/format.c
@@ -266,7 +266,8 @@ free_format_data (format_data *fmt)
      return;
  
    /* Free vlist descriptors in the fnode_array if one was allocated.  */
-  for (fnp = fmt->array.array; fnp->format != FMT_NONE; fnp++)
+  for (fnp = fmt->array.array; fnp < &fmt->array.array[FARRAY_SIZE] &&
+       fnp->format != FMT_NONE; fnp++)
      if (fnp->format == FMT_DT)
         {
           if (GFC_DESCRIPTOR_DATA(fnp->u.udf.vlist))
author	Jerry DeLisle <jvdelisle@gcc.gnu.org>
	Fri, 27 Oct 2017 17:50:22 +0000 (17:50 +0000)
committer	Jerry DeLisle <jvdelisle@gcc.gnu.org>
	Fri, 27 Oct 2017 17:50:22 +0000 (17:50 +0000)
libgfortran/ChangeLog		patch \| blob \| history
libgfortran/io/format.c		patch \| blob \| history