This is the mail archive of the
gcc-patches@gcc.gnu.org
mailing list for the GCC project.
[Ada] Memory corruption when using formal hashed sets or maps
- From: Pierre-Marie de Rodat <derodat at adacore dot com>
- To: gcc-patches at gcc dot gnu dot org
- Cc: Claire Dross <dross at adacore dot com>
- Date: Thu, 11 Jul 2019 04:03:45 -0400
- Subject: [Ada] Memory corruption when using formal hashed sets or maps
Add a check to avoid causing a buffer overflow when the map is empty
Tested on x86_64-pc-linux-gnu, committed on trunk
2019-07-11 Claire Dross <dross@adacore.com>
gcc/ada/
* libgnat/a-cfhama.adb, libgnat/a-cfhase.adb (Free): Do not
reset the Has_Element flag if no element is freed.
--- gcc/ada/libgnat/a-cfhama.adb
+++ gcc/ada/libgnat/a-cfhama.adb
@@ -509,8 +509,11 @@ is
procedure Free (HT : in out Map; X : Count_Type) is
begin
- HT.Nodes (X).Has_Element := False;
- HT_Ops.Free (HT, X);
+ if X /= 0 then
+ pragma Assert (X <= HT.Capacity);
+ HT.Nodes (X).Has_Element := False;
+ HT_Ops.Free (HT, X);
+ end if;
end Free;
----------------------
--- gcc/ada/libgnat/a-cfhase.adb
+++ gcc/ada/libgnat/a-cfhase.adb
@@ -760,8 +760,11 @@ is
procedure Free (HT : in out Set; X : Count_Type) is
begin
- HT.Nodes (X).Has_Element := False;
- HT_Ops.Free (HT, X);
+ if X /= 0 then
+ pragma Assert (X <= HT.Capacity);
+ HT.Nodes (X).Has_Element := False;
+ HT_Ops.Free (HT, X);
+ end if;
end Free;
----------------------