Re: Fix for PR70926 in Libiberty Demangler (5)

[Jeff Law <law at redhat dot com>]

On 05/26/2016 01:02 AM, Marcel BÃhme wrote:
> Hi: Pending review.
>
> Best - Marcel
>
> > On 3 May 2016, at 10:40 PM, Marcel BÃhme <boehme.marcel@gmail.com> wrote:
> >
> > Hi,
> >
> > This fixes four access violations (https://gcc.gnu.org/bugzilla/show_bug.cgi?id=70926).
> >
> > Two of these first read the value of a length variable len from the mangled string, then strncpy len characters from the mangled string; more than necessary.
> > The other two read the value of an array index n from the mangled string, which can be negative due to an overflow.
> >
> > Bootstrapped and regression tested on x86_64-pc-linux-gnu. Test cases added to libiberty/testsuite/demangler-expected and checked PR70926 is resolved.
> >
> > Best regards,
> > - Marcel
> >
> > Index: libiberty/ChangeLog
> > ===================================================================
> > --- libiberty/ChangeLog	(revision 235801)
> > +++ libiberty/ChangeLog	(working copy)
> > @@ -1,3 +1,12 @@
> > +2016-05-03  Marcel BÃhme  <boehme.marcel@gmail.com>
> > +
> > +	PR c++/70926
> > +	* cplus-dem.c: Handle large values and overflow when demangling
> > +	length variables.
> > +	(demangle_template_value_parm): Read only until end of mangled string.
> > +	(do_hpacc_template_literal): Likewise.
> > +	(do_type): Handle overflow when demangling array indices.
OK for the trunk.  Please install.

Sorry for the delays.

Jeff