From: Simon Marchi <simon.marchi@efficios.com>
Date: Tue, 19 May 2020 18:20:23 +0000 (-0400)
Subject: gdb: fix off-by-one error in quirk_rust_enum
X-Git-Url: https://git.libre-soc.org/?a=commitdiff_plain;h=f408d82c7a140268c3b7be35970c96d8385b5902;p=binutils-gdb.git

gdb: fix off-by-one error in quirk_rust_enum

Found by inspection, so I don't have a test for it (I don't think it
would be easy to have this bug cause a failure reliably).

We allocate space for N fields into `new_fields`, then memcpy N fields
at `new_fields + 1`.  This overflows the allocated buffer by one field.

Fix it by allocating `N + 1` fields.

gdb/ChangeLog:

	* dwarf2/read.c (quirk_rust_enum): Allocate enough fields.
---

diff --git a/gdb/ChangeLog b/gdb/ChangeLog
index f62557da6c0..ac0beef5ad5 100644
--- a/gdb/ChangeLog
+++ b/gdb/ChangeLog
@@ -1,3 +1,7 @@
+2020-05-19  Simon Marchi  <simon.marchi@efficios.com>
+
+	* dwarf2/read.c (quirk_rust_enum): Allocate enough fields.
+
 2020-05-19  Pedro Alves  <palves@redhat.com>
 
 	* NEWS (set exec-file-mismatch): Adjust entry.
diff --git a/gdb/dwarf2/read.c b/gdb/dwarf2/read.c
index 0c6182bbf3b..2ab7c5c3313 100644
--- a/gdb/dwarf2/read.c
+++ b/gdb/dwarf2/read.c
@@ -9420,7 +9420,7 @@ quirk_rust_enum (struct type *type, struct objfile *objfile)
       /* Make space for the discriminant field.  */
       struct field *disr_field = &TYPE_FIELD (disr_type, 0);
       field *new_fields
-	= (struct field *) TYPE_ZALLOC (type, (TYPE_NFIELDS (type)
+	= (struct field *) TYPE_ZALLOC (type, ((TYPE_NFIELDS (type) + 1)
 					       * sizeof (struct field)));
       memcpy (new_fields + 1, TYPE_FIELDS (type),
 	      TYPE_NFIELDS (type) * sizeof (struct field));