Bug 105039

Summary: rust demangler stack overflow
Product: gcc Reporter: Alan Modra <amodra>
Component: demanglerAssignee: Not yet assigned to anyone <unassigned>
Status: RESOLVED FIXED    
Severity: normal CC: herrtimson, hs.naveen2u, JEREMY.ROBINSON, mark.esler, nickc
Priority: P3    
Version: 12.0   
Target Milestone: ---   
Host: Target:
Build: Known to work:
Known to fail: Last reconfirmed:

Description Alan Modra 2022-03-24 00:33:20 UTC 
From https://sourceware.org/bugzilla/show_bug.cgi?id=28995

c++filt _RYAaca_NRYAaBa_a

AddressSanitizer:DEADLYSIGNAL
=================================================================
==4145846==ERROR: AddressSanitizer: stack-overflow on address 0x7ffd205e8ff8 (pc 0x0000021dfea9 bp 0x00000000005f sp 0x7ffd205e9000 T0)
    #0 0x21dfea9 in peek /home/alan/src/binutils-gdb/libiberty/rust-demangle.c:90
    #1 0x21dfd8c in eat /home/alan/src/binutils-gdb/libiberty/rust-demangle.c:99:7
    #2 0x21e1bb4 in parse_integer_62 /home/alan/src/binutils-gdb/libiberty/rust-demangle.c:125:7
    #3 0x21e2019 in demangle_const /home/alan/src/binutils-gdb/libiberty/rust-demangle.c:1153:17
    #4 0x21e20a7 in demangle_const /home/alan/src/binutils-gdb/libiberty/rust-demangle.c:1158:11

and lots more at 1158:11.  This is with libiberty sources from gcc commit 4cebae0924248b.
Comment 1 Nick Clifton 2022-03-24 13:13:59 UTC 
Proposed patch submitted here:

https://gcc.gnu.org/pipermail/gcc-patches/2022-March/592244.html
Comment 2 Jeremy Robinson 2022-05-12 22:59:31 UTC 
Respectfully pinging this issue to ask for a review of the proposed patch.
Comment 3 hs.naveen2u 2022-06-27 09:54:27 UTC 
Can anyone please review the patch so that it can be used?
Comment 4 GCC Commits 2022-07-01 15:00:27 UTC 
The master branch has been updated by Nick Clifton <nickc@gcc.gnu.org>:

https://gcc.gnu.org/g:9234cdca6ee88badfc00297e72f13dac4e540c79

commit r13-1393-g9234cdca6ee88badfc00297e72f13dac4e540c79
Author: Nick Clifton <nickc@redhat.com>
Date:   Fri Jul 1 15:58:52 2022 +0100

    Add a recursion limit to the demangle_const function in the Rust demangler.
    
    libiberty/
            PR demangler/105039
            * rust-demangle.c (demangle_const): Add recursion limit.
Comment 5 Nick Clifton 2022-07-01 15:01:22 UTC 
Patch applied.
Comment 6 hs.naveen2u 2022-07-04 03:50:50 UTC 
Thanks very much for committing the patch.