[PATCH 04/10] libiberty: Fix crash in ada_demangle()

Jeff Law law@redhat.com
Tue Apr 30 15:03:00 GMT 2019


On 1/10/19 5:16 PM, Ben L wrote:
> Hi all,
> 
> First time emailing gcc-patches, so I'm sorry if I get any of this wrong or if
> there are obvious errors repeated in my patches. AFAICT I should be sending each
> change individually rather than as one bulk patch, so I'm sorry about the spam
> too.
> 
> All of these changes were found by fuzzing libiberty's demanglers over the
> past week, and I have at least one more that it's currently crashing out on
> but I haven't had time to look into why yet.
> 
> Obviously since this is my first time emailing I don't have write access to
> commit any of these, so if any are approved then I'd be grateful if you can
> commit them too.
> 
> Thanks,
> Ben
> 
> --
> 
> The output buffer is pre-allocated to a maximum size under the assumption that
> special names can only occur once; however, nothing was enforcing this for
> stream attributes.
> 
> To fix this we treat stream attributes that appear before the end of the
> mangled input as an error.
> 
>      * cplus-dem.c (ada_demangle): Only accept stream attributes if they're at
>      the end of the input.
>      * testsuite/demangle-expected: Add testcase.
> 
I don't feel qualified enough to ACK/NACK this patch.  What's not clear
to me is whether or not a stream attribute can or can not appear more
than once in a mangled name in Ada -- largely because of my lack of
knowledge of Ada itself.

Are function names mangled in Ada?  If so, couldn't we have multiple
parameters, each of which potentially has a stream attribute?

What about structures where there are multiple members which have stream
attributes?  If we then have to mangle the structure, then ISTM we could
end up with multiple stream attributes.

Someone with more experience in Ada and our mangling scheme will need to
chime in.

Jeff
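
The failure mode described in the quoted patch text, as a simplified model added here (it is not the code from cplus-dem.c or from the patch). The token table, `SLACK`, and the names `attr_name`, `unrestricted_len` and `decode` are constructed for illustration: `unrestricted_len` shows how repeated expanding tokens outgrow a fixed-slack buffer, and `decode` enforces the end-of-input rule that keeps the slack sufficient.

```c
#include <stdlib.h>
#include <string.h>

#define SLACK 5  /* "'Output" (7 chars) replaces a 2-char token: growth of 5 */

/* Constructed token table for this sketch; NULL if p does not start a token. */
static const char *attr_name(const char *p) {
    if (p[0] != 'S' || p[1] == '\0') return NULL;
    switch (p[1]) {
    case 'R': return "'Read";
    case 'W': return "'Write";
    case 'I': return "'Input";
    case 'O': return "'Output";
    default:  return NULL;
    }
}

/* Bytes (without NUL) a decoder would write if tokens were accepted anywhere.
   Nothing is written here; this only measures the demand on the buffer. */
size_t unrestricted_len(const char *in) {
    size_t n = 0;
    while (*in) {
        const char *a = attr_name(in);
        if (a) { n += strlen(a); in += 2; }
        else   { n += 1; in += 1; }
    }
    return n;
}

/* Hardened decoder: a token is valid only as the final two characters, so at
   most one expansion happens and strlen(in) + SLACK is always enough. */
char *decode(const char *in) {
    size_t cap = strlen(in) + SLACK + 1;
    char *out = malloc(cap), *d = out;
    if (!out) return NULL;
    while (*in) {
        const char *a = attr_name(in);
        if (a) {
            if (in[2] != '\0') { free(out); return NULL; }  /* not at end: reject */
            strcpy(d, a);
            d += strlen(a);
            break;
        }
        *d++ = *in++;
    }
    *d = '\0';
    return out;
}
```
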
