PR fortran/95827 - Buffer overflows with PDTs and long symbols

Message ID trinity-bb282672-ada6-462f-9abd-f5bdaf733a9e-1592946490772@3c-app-gmx-bs23
State New

Commit Message

Harald Anlauf June 23, 2020, 9:08 p.m.
Dear all,

here's another case with a buffer that did overflow.

Regtested on x86_64-pc-linux-gnu.

OK for master / backports?

Thanks,
Harald


PR fortran/95827 - Buffer overflows with PDTs and long symbols

With submodules and coarrays, name mangling results in long internal
symbols.  Enlarge internal buffer.

gcc/fortran/
	PR fortran/95827
	* iresolve.c (gfc_get_string): Enlarge internal buffer used in
	generating the mangled name.

Comments

Stefan Schulze Frielinghaus via Gcc-patches June 23, 2020, 9:42 p.m. | #1
OK, and thanks for the patch.

On 6/23/20 2:08 PM, Harald Anlauf wrote:
> Dear all,
>
> here's another case with a buffer that did overflow.
>
> Regtested on x86_64-pc-linux-gnu.
>
> OK for master / backports?
>
> Thanks,
> Harald
>
>
> PR fortran/95827 - Buffer overflows with PDTs and long symbols
>
> With submodules and coarrays, name mangling results in long internal
> symbols.  Enlarge internal buffer.
>
> gcc/fortran/
> 	PR fortran/95827
> 	* iresolve.c (gfc_get_string): Enlarge internal buffer used in
> 	generating the mangled name.

Stefan Schulze Frielinghaus via Gcc-patches June 24, 2020, 5:09 p.m. | #2
Hi Harald,

> here's another case with a buffer that did overflow.
>
> Regtested on x86_64-pc-linux-gnu.
>
> OK for master / backports?


OK. Thanks for the patch!

Best regards

	Thomas

Patch

diff --git a/gcc/fortran/iresolve.c b/gcc/fortran/iresolve.c
index aa9bb328a0f..73769615c20 100644
--- a/gcc/fortran/iresolve.c
+++ b/gcc/fortran/iresolve.c
@@ -47,8 +47,8 @@  along with GCC; see the file COPYING3.  If not see
 const char *
 gfc_get_string (const char *format, ...)
 {
-  /* Provide sufficient space to hold "_F.symbol.symbol_MOD_symbol".  */
-  char temp_name[4 + 2*GFC_MAX_SYMBOL_LEN + 5 + GFC_MAX_SYMBOL_LEN + 1];
+  /* Provide sufficient space for "_F.caf_token__symbol.symbol_MOD_symbol".  */
+  char temp_name[15 + 2*GFC_MAX_SYMBOL_LEN + 5 + GFC_MAX_SYMBOL_LEN + 1];
   const char *str;
   va_list ap;
   tree ident;
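Review bot: In the temp_name declaration the new size is still a sum of hand-counted literals (15, 5, 1) that matches only the one name shape quoted in the comment, so any later mangling prefix longer than "_F.caf_token__" would overrun the array again; the cover letter already calls this "another case". The 15 does agree with the comment (14 characters of "_F.caf_token__" plus the "." between the two symbols), but I would prefer the prefix lengths spelled out with sizeof on the literal strings or a named constant, with the comment saying which term covers which part of the example name. Since the function takes a format and a va_list, please also confirm that the formatting call further down is bounded by sizeof (temp_name), so that a too-long name is diagnosed rather than written past the end of the array.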
diff --git a/gcc/testsuite/gfortran.dg/pr95827.f90 b/gcc/testsuite/gfortran.dg/pr95827.f90
new file mode 100644
index 00000000000..545e344c46d
--- /dev/null
+++ b/gcc/testsuite/gfortran.dg/pr95827.f90
@@ -0,0 +1,14 @@ 
+! { dg-do compile }
+! { dg-options "-fcoarray=lib -fsecond-underscore" }
+! PR fortran/95827 - ICE in gfc_get_string, at fortran/iresolve.c:70
+
+module m2345678901234567890123456789012345678901234567890123456789_123
+  interface
+     module subroutine s2345678901234567890123456789012345678901234567890123456789_123
+     end
+   end interface
+end
+submodule(m2345678901234567890123456789012345678901234567890123456789_123) &
+          n2345678901234567890123456789012345678901234567890123456789_123
+  integer :: x2345678901234567890123456789012345678901234567890123456789_123[*]
+end
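Review bot: The test covers only the coarray-in-submodule shape (the x...[*] declaration compiled with -fcoarray=lib -fsecond-underscore), while the PR title names PDTs and the file contains no parameterized derived type; either add a PDT case or state in the header comment that this is the one combination covered. A one-line comment noting that the 63-character names are deliberately that long would also help, since a later cleanup could otherwise shorten them and silently defeat the test. Minor style point: "end interface" is indented three spaces where the matching "interface" uses two.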