From 3345e74299687de6144b87c0632018cafd4ccf3b Mon Sep 17 00:00:00 2001
From: Harald Anlauf <anlauf@gmx.de>
Date: Sat, 20 Jun 2020 16:15:16 +0200
Subject: [PATCH] PR fortran/95707 - ICE in finish_equivalences, at
 fortran/trans-common.c:1319

With submodules and equivalence declarations, name mangling may result in
long internal symbols overflowing internal buffers.  We now check that
we do not exceed the enlarged buffer sizes.

gcc/fortran/
	PR fortran/95707
	* gfortran.h (gfc_common_head): Enlarge buffer.
	* trans-common.c (gfc_sym_mangled_common_id): Enlarge temporary
	buffers, and add check on length on mangled name to prevent
	overflow.
---
 gcc/fortran/gfortran.h                |  4 ++--
 gcc/fortran/trans-common.c            |  8 +++++---
 gcc/testsuite/gfortran.dg/pr95707.f90 | 16 ++++++++++++++++
 3 files changed, 23 insertions(+), 5 deletions(-)
 create mode 100644 gcc/testsuite/gfortran.dg/pr95707.f90

diff --git a/gcc/fortran/gfortran.h b/gcc/fortran/gfortran.h
index c12a8bef2772..836e0b3063db 100644
--- a/gcc/fortran/gfortran.h
+++ b/gcc/fortran/gfortran.h
@@ -1677,8 +1677,8 @@ typedef struct gfc_common_head
   char use_assoc, saved, threadprivate;
   unsigned char omp_declare_target : 1;
   unsigned char omp_declare_target_link : 1;
-  /* Provide sufficient space to hold "symbol.eq.1234567890".  */
-  char name[GFC_MAX_SYMBOL_LEN + 1 + 14];
+  /* Provide sufficient space to hold "symbol.symbol.eq.1234567890".  */
+  char name[2*GFC_MAX_SYMBOL_LEN + 1 + 14 + 1];
   struct gfc_symbol *head;
   const char* binding_label;
   int is_bind_c;
diff --git a/gcc/fortran/trans-common.c b/gcc/fortran/trans-common.c
index 1acc336eacfe..c6383fc23529 100644
--- a/gcc/fortran/trans-common.c
+++ b/gcc/fortran/trans-common.c
@@ -242,11 +242,13 @@ static tree
 gfc_sym_mangled_common_id (gfc_common_head *com)
 {
   int has_underscore;
-  /* Provide sufficient space to hold "symbol.eq.1234567890__".  */
-  char mangled_name[GFC_MAX_MANGLED_SYMBOL_LEN + 1 + 16];
-  char name[GFC_MAX_SYMBOL_LEN + 1 + 16];
+  /* Provide sufficient space to hold "symbol.symbol.eq.1234567890__".  */
+  char mangled_name[2*GFC_MAX_MANGLED_SYMBOL_LEN + 1 + 16 + 1];
+  char name[sizeof (mangled_name) - 2];
 
   /* Get the name out of the common block pointer.  */
+  size_t len = strlen (com->name);
+  gcc_assert (len < sizeof (name));
   strcpy (name, com->name);
 
   /* If we're suppose to do a bind(c).  */
diff --git a/gcc/testsuite/gfortran.dg/pr95707.f90 b/gcc/testsuite/gfortran.dg/pr95707.f90
new file mode 100644
index 000000000000..3279a6320cfa
--- /dev/null
+++ b/gcc/testsuite/gfortran.dg/pr95707.f90
@@ -0,0 +1,16 @@
+! { dg-do compile }
+! { dg-options "-fsecond-underscore" }
+! PR fortran/95707 - ICE in finish_equivalences, at fortran/trans-common.c:1319
+
+module m2345678901234567890123456789012345678901234567890123456789_123
+  interface
+     module subroutine s2345678901234567890123456789012345678901234567890123456789_123
+     end
+  end interface
+end
+submodule(m2345678901234567890123456789012345678901234567890123456789_123) &
+          n2345678901234567890123456789012345678901234567890123456789_123
+  real :: a(4), u(3,2)
+  real :: b(4), v(4,2)
+  equivalence (a(1),u(1,1)), (b(1),v(1,1))
+end
-- 
2.43.5