[Bug c++/70492] Libiberty Demangler segfaults (2)

2016-05-19 Thread jakub at gcc dot gnu.org
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=70492

--- Comment #4 from Jakub Jelinek  ---
Author: jakub
Date: Thu May 19 12:05:41 2016
New Revision: 236456

URL: https://gcc.gnu.org/viewcvs?rev=236456&root=gcc&view=rev
Log:
Backported from mainline
2016-05-19  Jakub Jelinek  

PR c++/70498
* cp-demangle.c (d_expression_1): Formatting fix.

2016-05-02  Marcel Böhme  

PR c++/70498
* cp-demangle.c: Parse numbers as integer instead of long to avoid
overflow after sanity checks. Include <limits.h> if available.
(INT_MAX): Define if necessary.
(d_make_template_param): Takes integer argument instead of long.
(d_make_function_param): Likewise.
(d_append_num): Likewise.
(d_identifier): Likewise.
(d_number): Parse as and return integer.
(d_compact_number): Handle overflow.
(d_source_name): Change variable type to integer for parsed number.
(d_java_resource): Likewise.
(d_special_name): Likewise.
(d_discriminator): Likewise.
(d_unnamed_type): Likewise.
* testsuite/demangle-expected: Add regression test cases.

2016-04-08  Marcel Böhme  

PR c++/69687
* cplus-dem.c: Include <limits.h> if available.
(INT_MAX): Define if necessary.
(remember_type, remember_Ktype, register_Btype, string_need):
Abort if we detect cases where the size of the allocation would
overflow.

PR c++/70492
* cplus-dem.c (gnu_special): Handle case where consume_count returns
-1.

2016-03-31  Mikhail Maltsev  
Marcel Bohme  

PR c++/67394
PR c++/70481
* cplus-dem.c (squangle_mop_up): Zero bsize/ksize after freeing
btypevec/ktypevec.
* testsuite/demangle-expected: Add coverage tests.

Modified:
branches/gcc-4_9-branch/libiberty/ChangeLog
branches/gcc-4_9-branch/libiberty/cp-demangle.c
branches/gcc-4_9-branch/libiberty/cplus-dem.c
branches/gcc-4_9-branch/libiberty/testsuite/demangle-expected

[Bug c++/70492] Libiberty Demangler segfaults (2)

2016-05-19 Thread jakub at gcc dot gnu.org
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=70492

--- Comment #3 from Jakub Jelinek  ---
Author: jakub
Date: Thu May 19 10:44:31 2016
New Revision: 236452

URL: https://gcc.gnu.org/viewcvs?rev=236452&root=gcc&view=rev
Log:
Backported from mainline
2016-05-19  Jakub Jelinek  

PR c++/70498
* cp-demangle.c (d_expression_1): Formatting fix.

2016-05-02  Marcel Böhme  

PR c++/70498
* cp-demangle.c: Parse numbers as integer instead of long to avoid
overflow after sanity checks. Include <limits.h> if available.
(INT_MAX): Define if necessary.
(d_make_template_param): Takes integer argument instead of long.
(d_make_function_param): Likewise.
(d_append_num): Likewise.
(d_identifier): Likewise.
(d_number): Parse as and return integer.
(d_compact_number): Handle overflow.
(d_source_name): Change variable type to integer for parsed number.
(d_java_resource): Likewise.
(d_special_name): Likewise.
(d_discriminator): Likewise.
(d_unnamed_type): Likewise.
* testsuite/demangle-expected: Add regression test cases.

2016-04-08  Marcel Böhme  

PR c++/69687
* cplus-dem.c: Include <limits.h> if available.
(INT_MAX): Define if necessary.
(remember_type, remember_Ktype, register_Btype, string_need):
Abort if we detect cases where the size of the allocation would
overflow.

PR c++/70492
* cplus-dem.c (gnu_special): Handle case where consume_count returns
-1.

2016-03-31  Mikhail Maltsev  
Marcel Bohme  

PR c++/67394
PR c++/70481
* cplus-dem.c (squangle_mop_up): Zero bsize/ksize after freeing
btypevec/ktypevec.
* testsuite/demangle-expected: Add coverage tests.

Modified:
branches/gcc-5-branch/libiberty/ChangeLog
branches/gcc-5-branch/libiberty/cp-demangle.c
branches/gcc-5-branch/libiberty/cplus-dem.c
branches/gcc-5-branch/libiberty/testsuite/demangle-expected
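As an added example (not libiberty's own code; parse_count, take_source_name, checked_vec_grow and vec_mop_up are hypothetical stand-ins for consume_count/d_number, their callers, remember_type/register_Btype and squangle_mop_up), this C program shows the three hardening patterns the ChangeLog entries above describe: a count is parsed into an int with the overflow check done before the multiply so it can never wrap, every caller treats the -1 sentinel as a parse failure instead of letting it convert silently to a huge size_t, an allocation is refused when doubling the capacity or computing the byte count would overflow, and freeing a vector also zeroes its recorded size so a later reuse cannot see a stale capacity next to a NULL buffer. The mangled-name fragments in main are constructed inputs, not testsuite cases.

```c
#include <limits.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical stand-in for consume_count()/d_number(): parse the run of
   decimal digits at *pp.  Returns -1 if there is no digit or the value would
   exceed INT_MAX; on success advances *pp past the digits. */
int parse_count(const char **pp)
{
    const char *p = *pp;
    int count = 0;

    if (*p < '0' || *p > '9')
        return -1;
    while (*p >= '0' && *p <= '9') {
        int digit = *p - '0';
        /* Check before multiplying so count * 10 + digit never wraps. */
        if (count > (INT_MAX - digit) / 10)
            return -1;
        count = count * 10 + digit;
        p++;
    }
    *pp = p;
    return count;
}

/* Hypothetical stand-in for a consume_count caller: copy the identifier in
   "<len><chars>" into out.  Returns the identifier length, or -1 when the
   length is absent, overflows, runs past the input, or does not fit in out.
   Without the len < 0 test, -1 cast to size_t becomes a huge length. */
int take_source_name(const char *mangled, char *out, size_t outlen)
{
    const char *p = mangled;
    int len = parse_count(&p);

    if (len < 0)
        return -1;
    if ((size_t)len > strlen(p) || (size_t)len >= outlen)
        return -1;
    memcpy(out, p, (size_t)len);
    out[len] = '\0';
    return len;
}

/* Growable array of remembered type strings, in the spirit of btypevec.
   items are borrowed pointers; the vector does not own the strings. */
typedef struct { char **items; int size; int alloc; } ptr_vec;

/* Double the capacity.  Returns the new capacity, or -1 (vector untouched)
   if doubling would overflow int or the byte count would overflow size_t. */
int checked_vec_grow(ptr_vec *v)
{
    int new_alloc;
    char **grown;

    if (v->alloc > INT_MAX / 2)
        return -1;
    new_alloc = v->alloc ? v->alloc * 2 : 4;
    if ((size_t)new_alloc > SIZE_MAX / sizeof(char *))
        return -1;
    grown = realloc(v->items, (size_t)new_alloc * sizeof *grown);
    if (!grown)
        return -1;
    v->items = grown;
    v->alloc = new_alloc;
    return new_alloc;
}

/* Free the buffer and reset every field, as squangle_mop_up now zeroes
   bsize/ksize, so size and capacity never outlive the allocation. */
int vec_mop_up(ptr_vec *v)
{
    free(v->items);
    v->items = NULL;
    v->size = 0;
    v->alloc = 0;
    return 0;
}

int main(void)
{
    /* Constructed inputs: a valid name, an overflowing length, a length that
       runs past the end of the string. */
    const char *inputs[] = { "3foo", "99999999999foo", "9fo" };
    char name[16];
    size_t i;

    for (i = 0; i < sizeof inputs / sizeof inputs[0]; i++) {
        int len = take_source_name(inputs[i], name, sizeof name);
        printf("%-16s -> %d%s%s\n", inputs[i], len,
               len < 0 ? "" : " ", len < 0 ? "" : name);
    }

    ptr_vec v = { NULL, 0, 0 };
    int first = checked_vec_grow(&v);
    int second = checked_vec_grow(&v);
    printf("capacity after two grows: %d then %d\n", first, second);
    vec_mop_up(&v);
    return 0;
}
```

The overflow test in parse_count is the general form of the INT_MAX guard the entries mention; it works for any digit string, not just the fuzzer-found ones, and it is the reason the parser can safely return a plain int.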

[Bug c++/70492] Libiberty Demangler segfaults (2)

2016-04-08 Thread bernds at gcc dot gnu.org
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=70492

Bernd Schmidt  changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|UNCONFIRMED                 |RESOLVED
                 CC|                            |bernds at gcc dot gnu.org
         Resolution|---                         |FIXED

--- Comment #2 from Bernd Schmidt  ---
Fixed. Commit message went to a different PR unfortunately.

[Bug c++/70492] Libiberty Demangler segfaults (2)

2016-03-31 Thread boehme.marcel at gmail dot com
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=70492

--- Comment #1 from Marcel Böhme  ---
This error was found during fuzzing with a more efficient version of AFL.

Patch and reviews available here:
https://gcc.gnu.org/ml/gcc-patches/2016-04/msg0.html