From 3ee9d82484bdc0ae5b1b21f4a3d8ff46d40e36fd Mon Sep 17 00:00:00 2001 From: Harald Anlauf Date: Sun, 14 Jun 2020 16:12:47 +0200 Subject: [PATCH] PR fortran/95088 - Buffer overflows with PDTs, submodules and long symbols With PDTs (parameterized derived types) and submodules, name mangling results in variably long internal symbols. Instead of using a fixed-size intermediate buffer, which is actually not really needed, just use a pointer to strings. 2020-06-14 Harald Anlauf gcc/fortran/ PR fortran/95088 * class.c (get_unique_type_string): Replace use of fixed size buffer by internally passing a pointer to strings. --- gcc/fortran/class.c | 14 +++--------- gcc/testsuite/gfortran.dg/pr95088.f90 | 31 +++++++++++++++++++++++++++ 2 files changed, 34 insertions(+), 11 deletions(-) create mode 100644 gcc/testsuite/gfortran.dg/pr95088.f90 diff --git a/gcc/fortran/class.c b/gcc/fortran/class.c index cfc450283fa..227134eef3d 100644 --- a/gcc/fortran/class.c +++ b/gcc/fortran/class.c @@ -479,19 +479,11 @@ gfc_class_initializer (gfc_typespec *ts, gfc_expr *init_expr) static void get_unique_type_string (char *string, gfc_symbol *derived) { - /* Provide sufficient space to hold "Pdtsymbol". */ - char dt_name[GFC_MAX_SYMBOL_LEN+4]; + const char *dt_name; if (derived->attr.unlimited_polymorphic) - strcpy (dt_name, "STAR"); + dt_name = "STAR"; else - { - const char *upper = gfc_dt_upper_string (derived->name); - size_t len = strnlen (upper, sizeof (dt_name)); - if (len >= sizeof (dt_name)) - gfc_internal_error ("get_unique_type_string: identifier overflow"); - memcpy (dt_name, upper, len); - dt_name[len] = '\0'; - } + dt_name = gfc_dt_upper_string (derived->name); if (derived->attr.unlimited_polymorphic) sprintf (string, "_%s", dt_name); else if (derived->module) diff --git a/gcc/testsuite/gfortran.dg/pr95088.f90 b/gcc/testsuite/gfortran.dg/pr95088.f90 new file mode 100644 index 00000000000..318fc3f3677 --- /dev/null +++ b/gcc/testsuite/gfortran.dg/pr95088.f90 @@ -0,0 +1,31 @@ +! { dg-do compile } +! { dg-options "-fsecond-underscore" } +! PR fortran/95088 - ICE in gfc_build_class_symbol, at fortran/class.c:653 + +module m2345678901234567890123456789012345678901234567890123456789_123 + type t2345678901234567890123456789012345678901234567890123456789_123 & + (n2345678901234567890123456789012345678901234567890123456789_123,& + r2345678901234567890123456789012345678901234567890123456789_123,& + k2345678901234567890123456789012345678901234567890123456789_123,& + l2345678901234567890123456789012345678901234567890123456789_123 ) + integer, kind :: n2345678901234567890123456789012345678901234567890123456789_123 + integer, kind :: r2345678901234567890123456789012345678901234567890123456789_123 + integer, kind :: k2345678901234567890123456789012345678901234567890123456789_123 + integer, len :: l2345678901234567890123456789012345678901234567890123456789_123 + complex (kind = r2345678901234567890123456789012345678901234567890123456789_123) & + :: z2345678901234567890123456789012345678901234567890123456789_123 + character(kind = k2345678901234567890123456789012345678901234567890123456789_123, & + len = l2345678901234567890123456789012345678901234567890123456789_123) & + :: c2345678901234567890123456789012345678901234567890123456789_123 + end type + type, extends (t2345678901234567890123456789012345678901234567890123456789_123) :: & + a2345678901234567890123456789012345678901234567890123456789_123 + end type + interface + module subroutine s2345678901234567890123456789012345678901234567890123456789_123 & + (x2345678901234567890123456789012345678901234567890123456789_123) + class(a2345678901234567890123456789012345678901234567890123456789_123(16,8,4,1234567890)) :: & + x2345678901234567890123456789012345678901234567890123456789_123 + end + end interface +end -- 2.30.2