gdb: fix off-by-one error in quirk_rust_enum

Found by inspection, so I don't have a test for it (I don't think it
would be easy to have this bug cause a failure reliably).

We allocate space for N fields into `new_fields`, then memcpy N fields
at `new_fields + 1`.  This overflows the allocated buffer by one field.

Fix it by allocating `N + 1` fields.

gdb/ChangeLog:

	* dwarf2/read.c (quirk_rust_enum): Allocate enough fields.

diff --git a/gdb/ChangeLog b/gdb/ChangeLog
index f62557da6c04f4ade9ac2ab166b61f2d3b37ac1b..ac0beef5ad531bf5f68bdaab9e2cbbc0225243a7 100644 (file)
--- a/gdb/ChangeLog
+++ b/gdb/ChangeLog
@@ -1,3 +1,7 @@
+2020-05-19  Simon Marchi  <simon.marchi@efficios.com>
+
+       * dwarf2/read.c (quirk_rust_enum): Allocate enough fields.
+
 2020-05-19  Pedro Alves  <palves@redhat.com>
 
        * NEWS (set exec-file-mismatch): Adjust entry.

diff --git a/gdb/dwarf2/read.c b/gdb/dwarf2/read.c
index 0c6182bbf3b92fe4ce396d073d800c966d35d61a..2ab7c5c331315797b284f695398838b333a3b7d5 100644 (file)
--- a/gdb/dwarf2/read.c
+++ b/gdb/dwarf2/read.c
@@ -9420,7 +9420,7 @@ quirk_rust_enum (struct type *type, struct objfile *objfile)
       /* Make space for the discriminant field.  */
       struct field *disr_field = &TYPE_FIELD (disr_type, 0);
       field *new_fields
-       = (struct field *) TYPE_ZALLOC (type, (TYPE_NFIELDS (type)
+       = (struct field *) TYPE_ZALLOC (type, ((TYPE_NFIELDS (type) + 1)
                                               * sizeof (struct field)));
       memcpy (new_fields + 1, TYPE_FIELDS (type),
              TYPE_NFIELDS (type) * sizeof (struct field));