This is the mail archive of the gcc-bugs@gcc.gnu.org mailing list for the GCC project.



Re: ICE in cpp with


> (gdb) up
> #1  0x41535c in _cpp_parse_assertion (pfile=0x10032a40, answerp=0x7ffffb40) at /home/sites/home/users/aj/cvs/gcc/gcc/cpplib.c:1331
> 1331      return cpp_lookup (pfile, sym, len);

Hmmm, the referenced code looks like a buffer overflow:-

 lookup_node:
  *answerp = answer;
  len = predicate->val.name.len + 1;
  sym = alloca (len);

  /* Prefix '#' to get it out of macro namespace.  */
  sym[0] = '#';
  memcpy (sym + 1, predicate->val.name.text, len);
  return cpp_lookup (pfile, sym, len);

does instead

  memcpy (sym + 1, predicate->val.name.text, len - 1);

fix the problem?

Neil.
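
The off-by-one discussed in the message above, as an added example that is not part of the original post or of GCC's source: `build_key` is a hypothetical stand-in for the `lookup_node` code, and the guard byte and the sample name "machine" are constructed so the one-byte overrun can be observed without undefined behaviour.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define GUARD 0xA5

/* Builds "#" + name in a buffer whose logical size is name_len + 1, as in
   the quoted code.  buf must really hold name_len + 2 bytes: the extra byte
   is a guard standing in for whatever follows the alloca block on the stack.
   Returns 1 if the guard byte was overwritten, 0 otherwise. */
static int build_key(unsigned char *buf, const char *name, size_t name_len,
                     int use_fix)
{
    size_t len = name_len + 1;   /* room for '#' plus the name */

    buf[len] = GUARD;            /* first byte past the logical buffer */
    buf[0] = '#';
    /* Quoted code copies len bytes starting at buf + 1, one more than fits;
       the proposed change copies len - 1. */
    memcpy(buf + 1, name, use_fix ? len - 1 : len);
    return buf[len] != GUARD;
}

/* Constructed sample: a 7-character name.  The string literal's trailing
   NUL keeps the 8-byte read of the unfixed variant inside the source. */
int original_overflows(void)
{
    unsigned char buf[16];
    return build_key(buf, "machine", 7, 0);
}

int fixed_overflows(void)
{
    unsigned char buf[16];
    return build_key(buf, "machine", 7, 1);
}

int fixed_key_matches(void)
{
    unsigned char buf[16];
    build_key(buf, "machine", 7, 1);
    return memcmp(buf, "#machine", 8) == 0;
}

int main(void)
{
    printf("original overruns: %d\n", original_overflows());
    printf("fixed overruns:    %d\n", fixed_overflows());
    printf("fixed key correct: %d\n", fixed_key_matches());
    return 0;
}
```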
