From 76b88c5fc9930734f4d3496b9100862f62311ce5 Mon Sep 17 00:00:00 2001
From: Francois-Xavier Coudert <fxcoudert@gcc.gnu.org>
Date: Sat, 12 Sep 2015 12:05:44 +0000
Subject: [PATCH] re PR libfortran/67527 (io.h sanitizer complains on 1 << 31)

	PR libfortran/67527
	PR libfortran/67535
	PR libfortran/67536
	* io/io.h: Use unsigned values for 31-bit left shifts.
	* io/unix.c (buf_read): Do not call memcpy() with NULL pointer arg.
	* io/write.c (nml_write_obj): Likewise.

From-SVN: r227705
---
 libgfortran/ChangeLog  | 9 +++++++++
 libgfortran/io/io.h    | 4 ++--
 libgfortran/io/unix.c  | 8 +++++++-
 libgfortran/io/write.c | 3 ++-
 4 files changed, 20 insertions(+), 4 deletions(-)

diff --git a/libgfortran/ChangeLog b/libgfortran/ChangeLog
index 8b4c27cbc95..77030e9fd4b 100644
--- a/libgfortran/ChangeLog
+++ b/libgfortran/ChangeLog
@@ -1,3 +1,12 @@
+2015-09-12  Francois-Xavier Coudert  <fxcoudert@gcc.gnu.org>
+
+	PR libfortran/67527
+	PR libfortran/67535
+	PR libfortran/67536
+	* io/io.h: Use unsigned values for 31-bit left shifts.
+	* io/unix.c (buf_read): Do not call memcpy() with NULL pointer arg.
+	* io/write.c (nml_write_obj): Likewise.
+
 2015-09-05  Janne Blomqvist  <jb@gcc.gnu.org>
 
 	PR fortran/53379
diff --git a/libgfortran/io/io.h b/libgfortran/io/io.h
index f34d0c34cf6..1ff362778bd 100644
--- a/libgfortran/io/io.h
+++ b/libgfortran/io/io.h
@@ -311,7 +311,7 @@ st_parameter_filepos;
 #define IOPARM_INQUIRE_HAS_WRITE	(1 << 28)
 #define IOPARM_INQUIRE_HAS_READWRITE	(1 << 29)
 #define IOPARM_INQUIRE_HAS_CONVERT	(1 << 30)
-#define IOPARM_INQUIRE_HAS_FLAGS2	(1 << 31)
+#define IOPARM_INQUIRE_HAS_FLAGS2	(1u << 31)
 
 #define IOPARM_INQUIRE_HAS_ASYNCHRONOUS	(1 << 0)
 #define IOPARM_INQUIRE_HAS_DECIMAL	(1 << 1)
@@ -380,7 +380,7 @@ st_parameter_inquire;
 #define IOPARM_DT_HAS_SIGN			(1 << 24)
 #define IOPARM_DT_HAS_F2003                     (1 << 25)
 /* Internal use bit.  */
-#define IOPARM_DT_IONML_SET			(1 << 31)
+#define IOPARM_DT_IONML_SET			(1u << 31)
 
 
 typedef struct st_parameter_dt
diff --git a/libgfortran/io/unix.c b/libgfortran/io/unix.c
index 5385d8b7700..b86bd67c323 100644
--- a/libgfortran/io/unix.c
+++ b/libgfortran/io/unix.c
@@ -489,7 +489,13 @@ buf_read (unix_stream * s, void * buf, ssize_t nbyte)
   /* Is the data we want in the buffer?  */
   if (s->logical_offset + nbyte <= s->buffer_offset + s->active
       && s->buffer_offset <= s->logical_offset)
-    memcpy (buf, s->buffer + (s->logical_offset - s->buffer_offset), nbyte);
+    {
+      /* When nbyte == 0, buf can be NULL which would lead to undefined
+	 behavior if we called memcpy().  */
+      if (nbyte != 0)
+	memcpy (buf, s->buffer + (s->logical_offset - s->buffer_offset),
+		nbyte);
+    }
   else
     {
       /* First copy the active bytes if applicable, then read the rest
diff --git a/libgfortran/io/write.c b/libgfortran/io/write.c
index e226236a4b5..6656c976815 100644
--- a/libgfortran/io/write.c
+++ b/libgfortran/io/write.c
@@ -1833,7 +1833,8 @@ nml_write_obj (st_parameter_dt *dtp, namelist_info * obj, index_type offset,
 		+ strlen (obj->var_name) + obj->var_rank * NML_DIGITS + 1;
 	      ext_name = xmalloc (ext_name_len);
 
-	      memcpy (ext_name, base_name, base_name_len);
+	      if (base_name)
+		memcpy (ext_name, base_name, base_name_len);
 	      clen = strlen (obj->var_name + base_var_name_len);
 	      memcpy (ext_name + base_name_len, 
 		      obj->var_name + base_var_name_len, clen);
-- 
2.30.2