From 7b11fbb8383cc842a9788115077d7d1dcb69c418 Mon Sep 17 00:00:00 2001 From: Dominik Vogt Date: Fri, 29 Jul 2016 08:04:01 +0000 Subject: [PATCH] gfortran: Fix allocation of diagnostig string (was too small). The attached patch fixes an out of bound write to memory allocated with alloca() on the stack. This rarely ever happened because on one hand -fbounds-check needs to be enabled, and on the other hand alloca() used to allocate a few bytes extra most of the time so most of the time the excess write did no harm. gcc/fortran/ChangeLog: * trans-array.c (gfc_conv_array_ref): Fix allocation of diagnostic message (was too small). From-SVN: r238849 --- gcc/fortran/ChangeLog | 5 +++++ gcc/fortran/trans-array.c | 2 +- 2 files changed, 6 insertions(+), 1 deletion(-) diff --git a/gcc/fortran/ChangeLog b/gcc/fortran/ChangeLog index b9ca1065b18..e8f8a81aeb9 100644 --- a/gcc/fortran/ChangeLog +++ b/gcc/fortran/ChangeLog @@ -1,3 +1,8 @@ +2016-07-29 Dominik Vogt + + * trans-array.c (gfc_conv_array_ref): Fix allocation of diagnostic + message (was too small). + 2016-07-28 Steven G. Kargl PR fortran/71067 diff --git a/gcc/fortran/trans-array.c b/gcc/fortran/trans-array.c index e95c8dd8235..7572755a7a6 100644 --- a/gcc/fortran/trans-array.c +++ b/gcc/fortran/trans-array.c @@ -3332,7 +3332,7 @@ gfc_conv_array_ref (gfc_se * se, gfc_array_ref * ar, gfc_expr *expr, if (ref->type == REF_ARRAY && &ref->u.ar == ar) break; if (ref->type == REF_COMPONENT) - len += 1 + strlen (ref->u.c.component->name); + len += 2 + strlen (ref->u.c.component->name); } var_name = XALLOCAVEC (char, len); -- 2.30.2