From e2e280a3e5c6147f3b5a24981ddffc20c4f0bdf9 Mon Sep 17 00:00:00 2001
From: Ian Lance Taylor
Date: Thu, 3 Mar 2011 06:40:50 +0000
Subject: [PATCH] Don't crash on large composite literal array index.

From-SVN: r170645
---
 gcc/go/gofrontend/expressions.cc | 26 ++++++++++++++++++++++++++
 1 file changed, 26 insertions(+)

diff --git a/gcc/go/gofrontend/expressions.cc b/gcc/go/gofrontend/expressions.cc
index a94a70771e1..075ba6468fe 100644
--- a/gcc/go/gofrontend/expressions.cc
+++ b/gcc/go/gofrontend/expressions.cc
@@ -11885,6 +11885,7 @@ Composite_literal_expression::lower_array(Type* type)
 {
 mpz_t ival;
 mpz_init(ival);
+
 Type* dummy;
 if (!index_expr->integer_constant_value(true, ival, &dummy))
 {
@@ -11893,12 +11894,14 @@ Composite_literal_expression::lower_array(Type* type)
 "index expression is not integer constant");
 return Expression::make_error(location);
 }
+
 if (mpz_sgn(ival) < 0)
 {
 mpz_clear(ival);
 error_at(index_expr->location(), "index expression is negative");
 return Expression::make_error(location);
 }
+
 index = mpz_get_ui(ival);
 if (mpz_cmp_ui(ival, index) != 0)
 {
@@ -11906,7 +11909,30 @@ Composite_literal_expression::lower_array(Type* type)
 error_at(index_expr->location(), "index value overflow");
 return Expression::make_error(location);
 }
+
+ Named_type* ntype = Type::lookup_integer_type("int");
+ Integer_type* inttype = ntype->integer_type();
+ mpz_t max;
+ mpz_init_set_ui(max, 1);
+ mpz_mul_2exp(max, max, inttype->bits() - 1);
+ bool ok = mpz_cmp(ival, max) < 0;
+ mpz_clear(max);
+ if (!ok)
+ {
+ mpz_clear(ival);
+ error_at(index_expr->location(), "index value overflow");
+ return Expression::make_error(location);
+ }
+
 mpz_clear(ival);
+
+ // FIXME: Our representation isn't very good; this avoids
+ // thrashing.
+ if (index > 0x1000000)
+ {
+ error_at(index_expr->location(), "index too large for compiler");
+ return Expression::make_error(location);
+ }
 }
 if (index == vals.size())
-- 
2.30.2
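Review bot: The `0x1000000` bound in the last added `if` of the third hunk is an unnamed magic number, and the FIXME about thrashing does not say which resource it protects or how the value was chosen. The index comes from the source text being compiled, so this check appears to be the only limit on how much storage one sparse keyed element can make the front end set aside (the code that consumes `index` is outside the hunk, so this is inferred). I would name the limit and document it, for example `static const unsigned long max_literal_index = 0x1000000;` preceded by `// Largest explicit array index accepted; bounds the memory a sparse composite literal can make the compiler allocate.`, and test `index > max_literal_index`. In the same hunk `ntype` from `Type::lookup_integer_type("int")` is dereferenced unchecked; if that lookup can never fail here, a `go_assert(ntype != NULL);` would record the assumption. `lower_array` starts and ends outside the hunk.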