From patchwork Thu Dec 17 18:32:06 2015
X-Patchwork-Submitter: David Malcolm
X-Patchwork-Id: 558535
From: David Malcolm
To: gcc-patches@gcc.gnu.org
Cc: David Malcolm
Subject: [PATCH] PR c++/68795: fix uninitialized close_paren_loc in cp_parser_postfix_expression
Date: Thu, 17 Dec 2015 13:32:06 -0500
Message-Id: <1450377126-17734-1-git-send-email-dmalcolm@redhat.com>

cp_parser_parenthesized_expression_list can leave *close_paren_loc
untouched if an error occurs; specifically when following this goto:

 7402	      if (expr == error_mark_node)
 7403	        goto skip_comma;

which can lead to cp_parser_postfix_expression attempting to
use uninitialized data for the finishing location of a parenthesized
expression.

The attached patch fixes this by having cp_parser_postfix_expression
initialize the underlying location to UNKNOWN_LOCATION, and only
use it if it's been written to.

Verified the fix manually by compiling g++.old-deja/g++.ns/invalid1.C
before and after under valgrind.
Successfully bootstrapped&regrtested on x86_64-pc-linux-gnu.

OK for trunk?

gcc/cp/ChangeLog:
	* parser.c (cp_parser_postfix_expression): Initialize
	close_paren_loc to UNKNOWN_LOCATION; only use it if it has been
	written to by cp_parser_parenthesized_expression_list.
	(cp_parser_postfix_dot_deref_expression): Likewise.
	(cp_parser_parenthesized_expression_list): Document the behavior
	with respect to the CLOSE_PAREN_LOC param.

--- gcc/cp/parser.c | 18 ++++++++++++------ 1 file changed, 12 insertions(+), 6 deletions(-) diff --git a/gcc/cp/parser.c b/gcc/cp/parser.c index a420cf1..56dfe42 100644 --- a/gcc/cp/parser.c +++ b/gcc/cp/parser.c @@ -6664,7 +6664,7 @@ cp_parser_postfix_expression (cp_parser *parser, bool address_p, bool cast_p, bool saved_non_integral_constant_expression_p = false; tsubst_flags_t complain = complain_flags (decltype_p); vec *args; - location_t close_paren_loc; + location_t close_paren_loc = UNKNOWN_LOCATION; is_member_access = false; 
@@ -6826,10 +6826,13 @@ cp_parser_postfix_expression (cp_parser *parser, bool address_p, bool cast_p, koenig_p, complain); - location_t combined_loc = make_location (token->location, - start_loc, - close_paren_loc); - postfix_expression.set_location (combined_loc); + if (close_paren_loc) + { + location_t combined_loc = make_location (token->location, + start_loc, + close_paren_loc); + postfix_expression.set_location (combined_loc); + } /* The POSTFIX_EXPRESSION is certainly no longer an id. */ idk = CP_ID_KIND_NONE; @@ -7298,7 +7301,10 @@ cp_parser_postfix_dot_deref_expression (cp_parser *parser, plain identifier argument, normal_attr for an attribute that wants an expression, or non_attr if we aren't parsing an attribute list. If NON_CONSTANT_P is non-NULL, *NON_CONSTANT_P indicates whether or - not all of the expressions in the list were constant. */ + not all of the expressions in the list were constant. + If CLOSE_PAREN_LOC is non-NULL, and no errors occur, then *CLOSE_PAREN_LOC + will be written to with the location of the closing parenthesis. If + an error occurs, it may or may not be written to. */ static vec * cp_parser_parenthesized_expression_list (cp_parser* parser,
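
Review bot: in the hunk at -6664,7, the new initializer `location_t close_paren_loc = UNKNOWN_LOCATION;` is acting as a "not written" sentinel for the later `if (close_paren_loc)` test, but nothing at the declaration says so. A short comment there, noting that cp_parser_parenthesized_expression_list may leave the variable untouched on error, would keep the initializer from being dropped as redundant in a later cleanup.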
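
Review bot: in the hunk at -6826,10, `if (close_paren_loc)` depends on UNKNOWN_LOCATION being zero; writing it as `if (close_paren_loc != UNKNOWN_LOCATION)` states the intent and matches the initializer this patch adds at the declaration. When the test fails, postfix_expression keeps whatever location it already had, which deserves a one-line comment in the new block. The commit message describes checking invalid1.C by hand under valgrind and the diffstat shows only parser.c changed, so no test accompanies the fix; an uninitialized read of this kind is not reliably caught by an ordinary testsuite run.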
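
Review bot: in the hunk at -7298,7, the added comment text "If an error occurs, it may or may not be written to" leaves every caller responsible for pre-initializing the out-parameter, which is the step that was missed in cp_parser_postfix_expression. Having cp_parser_parenthesized_expression_list store UNKNOWN_LOCATION through CLOSE_PAREN_LOC on entry, when it is non-NULL, would make the contract definite and let the comment say so. Separately, the ChangeLog lists "(cp_parser_postfix_dot_deref_expression): Likewise.", but that name appears here only as hunk header context and the three hunks already account for all 12 insertions and 6 deletions, so that entry looks like it should be removed.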