This is the mail archive of the
gcc-patches@gcc.gnu.org
mailing list for the GCC project.
PATCH: gcc/cpppch.c free(<random pointer>)
- From: Loren James Rittle <rittle at latour dot rsch dot comm dot mot dot com>
- To: gcc-patches at gcc dot gnu dot org
- Date: Thu, 17 Apr 2003 18:11:26 -0500 (CDT)
- Subject: PATCH: gcc/cpppch.c free(<random pointer>)
- Reply-to: rittle at labs dot mot dot com
Committed as obvious (yet PCH maintainers should feel free to fix in
another manner, if they so desire). When a PCH file is rejected,
there is a path which causes a random memory pointer to be passed to
free(). Found by inspection once FreeBSD malloc's implementation
reported it (due to reasons unknown, seen with i686-unknown-freebsd4.8
today but not i386-unknown-freebsd4.8 yesterday).
cc1plus in free(): warning: junk pointer, too high to make sense
* cpppch.c (cpp_valid_state): Unconditionally initialize nl.
Index: gcc/cpppch.c
===================================================================
RCS file: /cvs/gcc/gcc/gcc/cpppch.c,v
retrieving revision 1.5
diff -c -r1.5 cpppch.c
*** gcc/cpppch.c 3 Apr 2003 21:00:55 -0000 1.5
--- gcc/cpppch.c 17 Apr 2003 23:02:02 -0000
***************
*** 455,461 ****
size_t namebufsz = 256;
unsigned char *namebuf = xmalloc (namebufsz);
unsigned char *undeftab = NULL;
! struct ht_node_list nl;
unsigned char *first, *last;
unsigned int i;
--- 455,461 ----
size_t namebufsz = 256;
unsigned char *namebuf = xmalloc (namebufsz);
unsigned char *undeftab = NULL;
! struct ht_node_list nl = { 0, 0, 0 };
unsigned char *first, *last;
unsigned int i;