projects / gcc.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (from parent 1: 5a34af7)
Don't crash on large composite literal array index.
authorIan Lance Taylor <ian@gcc.gnu.org>
Thu, 3 Mar 2011 06:40:50 +0000 (06:40 +0000)
committerIan Lance Taylor <ian@gcc.gnu.org>
Thu, 3 Mar 2011 06:40:50 +0000 (06:40 +0000)
From-SVN: r170645

gcc/go/gofrontend/expressions.cc patch | blob | history

diff --git a/gcc/go/gofrontend/expressions.cc b/gcc/go/gofrontend/expressions.cc
index a94a70771e146b7b06600168a6dd54d8f89662c2..075ba6468fe6a897bbdbd0b59ff16edb6e68d9f0 100644 (file)
--- a/gcc/go/gofrontend/expressions.cc
+++ b/gcc/go/gofrontend/expressions.cc
@@ -11885,6 +11885,7 @@ Composite_literal_expression::lower_array(Type* type)
        {
          mpz_t ival;
          mpz_init(ival);
+
          Type* dummy;
          if (!index_expr->integer_constant_value(true, ival, &dummy))
            {
@@ -11893,12 +11894,14 @@ Composite_literal_expression::lower_array(Type* type)
                       "index expression is not integer constant");
              return Expression::make_error(location);
            }
+
          if (mpz_sgn(ival) < 0)
            {
              mpz_clear(ival);
              error_at(index_expr->location(), "index expression is negative");
              return Expression::make_error(location);
            }
+
          index = mpz_get_ui(ival);
          if (mpz_cmp_ui(ival, index) != 0)
            {
@@ -11906,7 +11909,30 @@ Composite_literal_expression::lower_array(Type* type)
              error_at(index_expr->location(), "index value overflow");
              return Expression::make_error(location);
            }
+
+         Named_type* ntype = Type::lookup_integer_type("int");
+         Integer_type* inttype = ntype->integer_type();
+         mpz_t max;
+         mpz_init_set_ui(max, 1);
+         mpz_mul_2exp(max, max, inttype->bits() - 1);
+         bool ok = mpz_cmp(ival, max) < 0;
+         mpz_clear(max);
+         if (!ok)
+           {
+             mpz_clear(ival);
+             error_at(index_expr->location(), "index value overflow");
+             return Expression::make_error(location);
+           }
+
          mpz_clear(ival);
+
+         // FIXME: Our representation isn't very good; this avoids
+         // thrashing.
+         if (index > 0x1000000)
+           {
+             error_at(index_expr->location(), "index too large for compiler");
+             return Expression::make_error(location);
+           }
        }
 
       if (index == vals.size())