This is the mail archive of the
gcc-bugs@gcc.gnu.org
mailing list for the GCC project.
[Bug c++/87636] Infinite Recursive Stack Frames in cp-demangle.c in libiberty(function cplus_demangle_type, d_bare_function_type, d_function_type)
- From: "nickc at gcc dot gnu.org" <gcc-bugzilla at gcc dot gnu dot org>
- To: gcc-bugs at gcc dot gnu dot org
- Date: Fri, 07 Dec 2018 10:34:02 +0000
- Subject: [Bug c++/87636] Infinite Recursive Stack Frames in cp-demangle.c in libiberty(function cplus_demangle_type, d_bare_function_type, d_function_type)
- Auto-submitted: auto-generated
- References: <bug-87636-4@http.gcc.gnu.org/bugzilla/>
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=87636
--- Comment #3 from Nick Clifton <nickc at gcc dot gnu.org> ---
Author: nickc
Date: Fri Dec 7 10:33:30 2018
New Revision: 266886
URL: https://gcc.gnu.org/viewcvs?rev=266886&root=gcc&view=rev
Log:
Add a recursion limit to libiberty's demangling code. The limit is enabled by
default, but can be disabled via a new demangling option.
include * demangle.h (DMGL_NO_RECURSE_LIMIT): Define.
(DEMANGLE_RECURSION_LIMIT): Define
PR 87681
PR 87675
PR 87636
PR 87350
PR 87335
libiberty * cp-demangle.h (struct d_info): Add recursion_level field.
* cp-demangle.c (d_function_type): Add recursion counter.
If the recursion limit is reached and the check is not disabled,
then return with a failure result.
(cplus_demangle_init_info): Initialise the recursion_level field.
(d_demangle_callback): If the recursion limit is enabled, check
for a mangled string that is so long that there is not enough
stack space for the local arrays.
* cplus-dem.c (struct work): Add recursion_level field.
(squangle_mop_up): Set the numb and numk fields to zero.
(work_stuff_copy_to_from): Handle the case where a btypevec or
ktypevec field is NULL.
(demangle_nested_args): Add recursion counter. If
the recursion limit is not disabled and reached, return with a
failure result.
Modified:
trunk/include/ChangeLog
trunk/include/demangle.h
trunk/libiberty/ChangeLog
trunk/libiberty/cp-demangle.c
trunk/libiberty/cp-demangle.h
trunk/libiberty/cplus-dem.c