This is the mail archive of the gcc-patches@gcc.gnu.org mailing list for the GCC project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

[Committed] PR fortran/88357 -- NULL pointer dereferences


Invalid code can cause the gfortran to dereference NULL pointers.
The patch fixes this.

2018-12-08  Steven G. Kargl  <kargl@gcc.gnu.org>

	PR fortran/88357
	* class.c (insert_component_ref): Check for NULL pointer and 
	previous error message issued.
	* parse.c (parse_associate): Check for NULL pointer.
	* resolve.c (resolve_assoc_var): Check for NULL pointer.

2018-12-08  Steven G. Kargl  <kargl@gcc.gnu.org>

	* gfortran.dg/pr88357_1.f90: New test.
	* gfortran.dg/pr88357_2.f90: New test.

-- 
Steve
Index: gcc/fortran/class.c
===================================================================
--- gcc/fortran/class.c	(revision 266907)
+++ gcc/fortran/class.c	(working copy)
@@ -72,14 +72,18 @@ along with GCC; see the file COPYING3.  If not see
 static void
 insert_component_ref (gfc_typespec *ts, gfc_ref **ref, const char * const name)
 {
-  gfc_symbol *type_sym;
   gfc_ref *new_ref;
+  int wcnt, ecnt;
 
   gcc_assert (ts->type == BT_DERIVED || ts->type == BT_CLASS);
-  type_sym = ts->u.derived;
 
-  gfc_find_component (type_sym, name, true, true, &new_ref);
+  gfc_find_component (ts->u.derived, name, true, true, &new_ref);
+
+  gfc_get_errors (&wcnt, &ecnt);
+  if (ecnt > 0 && !new_ref)
+    return;
   gcc_assert (new_ref->u.c.component);
+
   while (new_ref->next)
     new_ref = new_ref->next;
   new_ref->next = *ref;
Index: gcc/fortran/parse.c
===================================================================
--- gcc/fortran/parse.c	(revision 266907)
+++ gcc/fortran/parse.c	(working copy)
@@ -4563,7 +4563,7 @@ parse_associate (void)
 	  else
 	    rank = a->target->rank;
 	  /* When the rank is greater than zero then sym will be an array.  */
-	  if (sym->ts.type == BT_CLASS)
+	  if (sym->ts.type == BT_CLASS && CLASS_DATA (sym))
 	    {
 	      if ((!CLASS_DATA (sym)->as && rank != 0)
 		  || (CLASS_DATA (sym)->as
Index: gcc/fortran/resolve.c
===================================================================
--- gcc/fortran/resolve.c	(revision 266907)
+++ gcc/fortran/resolve.c	(working copy)
@@ -8715,7 +8715,8 @@ resolve_assoc_var (gfc_symbol* sym, bool resolve_targe
     {
       /* target's rank is 0, but the type of the sym is still array valued,
 	 which has to be corrected.  */
-      if (sym->ts.type == BT_CLASS && CLASS_DATA (sym)->as)
+      if (sym->ts.type == BT_CLASS
+	  && CLASS_DATA (sym) && CLASS_DATA (sym)->as)
 	{
 	  gfc_array_spec *as;
 	  symbol_attribute attr;
Index: gcc/testsuite/gfortran.dg/pr88357_1.f90
===================================================================
--- gcc/testsuite/gfortran.dg/pr88357_1.f90	(nonexistent)
+++ gcc/testsuite/gfortran.dg/pr88357_1.f90	(working copy)
@@ -0,0 +1,9 @@
+! { dg-do compile }
+! { dg-options "-fcoarray=single" }
+program p
+   type t
+   end type
+   class(t) :: x[*]     ! { dg-error "must be dummy, allocatable or pointer" }
+   associate (y => x)
+   end associate
+end
Index: gcc/testsuite/gfortran.dg/pr88357_2.f90
===================================================================
--- gcc/testsuite/gfortran.dg/pr88357_2.f90	(nonexistent)
+++ gcc/testsuite/gfortran.dg/pr88357_2.f90	(working copy)
@@ -0,0 +1,8 @@
+! { dg-do compile }
+program p
+   type t
+   end type
+   class(t) :: x     ! { dg-error "must be dummy, allocatable or pointer" }
+   associate (y => x)
+   end associate
+end

Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]