[committed] avoid invalid redeclarations (PR 97861)

Fri, 20 Nov 2020 13:42:19 -0800 

When checking for mismatches between the array forms of arguments
between the current and the new declaration of a function
warn_parm_array_mismatch() assumes that the new declaration is
valid and compatible with the current one.  When that's not so
the function crashes with a null pointer dereference.  In r11-5213
I have committed the attached fix to avoid this unsafe assumption.

Martin


commit 27c5416fc8a4c2b33a0d6b6a26da2518791e0464
Author: Martin Sebor <mse...@redhat.com>
Date:   Fri Nov 20 14:35:25 2020 -0700

    PR middle-end/97861 - ICE on an invalid redeclaration of a function with attribute access
    
    gcc/c-family/ChangeLog:
            * c-warn.c (warn_parm_array_mismatch): Bail on invalid redeclarations
            with fewer arguments.
    
    gcc/testsuite/ChangeLog:
            * gcc.dg/attr-access-4.c: New test.

diff --git a/gcc/c-family/c-warn.c b/gcc/c-family/c-warn.c
index 6d1f9a73e44..6d22a113ad0 100644
--- a/gcc/c-family/c-warn.c
+++ b/gcc/c-family/c-warn.c
@@ -3374,18 +3374,20 @@ warn_parm_array_mismatch (location_t origloc, tree fndecl, tree newparms)
   for (tree curp = curparms, newp = newparms; curp;
        curp = TREE_CHAIN (curp), newp = TREE_CHAIN (newp), ++parmpos)
     {
+      if (!newp)
+	/* Bail on invalid redeclarations with fewer arguments.  */
+	return;
+
       /* Only check pointers and C++ references.  */
       tree newptype = TREE_TYPE (newp);
       if (!POINTER_TYPE_P (newptype))
 	continue;
 
-      {
-	/* Skip mismatches in __builtin_va_list that is commonly
-	   an array but that in declarations of built-ins decays
-	   to a pointer.  */
-	if (builtin && TREE_TYPE (newptype) == TREE_TYPE (va_list_type_node))
-	  continue;
-      }
+      /* Skip mismatches in __builtin_va_list that is commonly
+	 an array but that in declarations of built-ins decays
+	 to a pointer.  */
+      if (builtin && TREE_TYPE (newptype) == TREE_TYPE (va_list_type_node))
+	continue;
 
       /* Access specs for the argument on the current (previous) and
 	 new (to replace the current) declarations.  Either may be null,
diff --git a/gcc/testsuite/gcc.dg/attr-access-4.c b/gcc/testsuite/gcc.dg/attr-access-4.c
new file mode 100644
index 00000000000..7a2870a0ee4
--- /dev/null
+++ b/gcc/testsuite/gcc.dg/attr-access-4.c
@@ -0,0 +1,8 @@
+/* PR middle-end/97861 - ICE on an invalid redeclaration of a function
+   with attribute access
+   { dg-do compile }
+   { dg-options "-Wall" } */
+
+__attribute__ ((access (read_only, 2)))
+void f (int, int*);
+void f (int a) { }  // { dg-error "conflicting types for 'f'" }

Reply via email to