gcc7: fix potential segmentation fault

Under some rare circumstances we may end up with GCC segmentation fault. This was observed with versions of sysmacros.h, which contain macros with embedded warning messages : When trying to actually display the warning, we may end up with a segmentation fault instead. The reason is the actual warning message gets parsed (the text is unquoted) and words in the message such as "not", "and" etc. are interpreted as operators CPP_NOT, CPP_AND. When the time comes to display the warning, the code uses wrong structure to access the "name" corresponding to the operators. [YOCTO #11738] (From OE-Core rev: 6f81fe4f3a1177c0049b26a070e43546bc6fe974) Signed-off-by: Juro Bystricky <juro.bystricky@intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2026-03-25 19:02:23 +01:00 · 2017-08-04 15:40:54 -07:00
parent 9952b38de4
commit b9b6ede7f8
2 changed files with 50 additions and 0 deletions
--- a/meta/recipes-devtools/gcc/gcc-7.1.inc
+++ b/meta/recipes-devtools/gcc/gcc-7.1.inc
@@ -75,6 +75,7 @@ SRC_URI = "\
           file://0048-gcc-Enable-static-PIE.patch \
           file://0049-libsanitizer-Use-stack_t-instead-of-struct-sigaltsta.patch \
           file://0050-replace-struct-ucontext-with-ucontext_t.patch \
+           file://fix-segmentation-fault-precompiled-hdr.patch \
           ${BACKPORTS} \
 "
 BACKPORTS = "\
--- a/meta/recipes-devtools/gcc/gcc-7.1/fix-segmentation-fault-precompiled-hdr.patch
+++ b/meta/recipes-devtools/gcc/gcc-7.1/fix-segmentation-fault-precompiled-hdr.patch
@@ -0,0 +1,49 @@
+
+Prevent a segmentation fault which occurs when using incorrect
+structure trying to access name of some named operators, such as 
+CPP_NOT, CPP_AND etc. "token->val.node.spelling" cannot be used in
+those cases, as is may not be initialized at all.
+
+
+[YOCTO #11738]
+
+Upstream-Status: Pending
+
+Signed-off-by: Juro Bystricky <juro.bystricky@intel.com>
+
+diff --git a/libcpp/lex.c b/libcpp/lex.c
+--- a/libcpp/lex.c
+++ b/libcpp/lex.c
+@@ -3229,11 +3229,27 @@
+     spell_ident:
+     case SPELL_IDENT:
+       if (forstring)
+-	{
+-	  memcpy (buffer, NODE_NAME (token->val.node.spelling),
+-		  NODE_LEN (token->val.node.spelling));
+-	  buffer += NODE_LEN (token->val.node.spelling);
+-	}
+        {
+          if (token->type == CPP_NAME)
+            {
+              memcpy (buffer, NODE_NAME (token->val.node.spelling),
+                    NODE_LEN (token->val.node.spelling));
+              buffer += NODE_LEN (token->val.node.spelling);
+              break;
+            }
+          /* NAMED_OP, cannot use node.spelling */
+          if (token->flags & NAMED_OP)
+            {
+              const char *str = cpp_named_operator2name (token->type);
+              if (str)
+                {
+                  size_t len = strlen(str);
+                  memcpy(buffer, str, len);
+                  buffer += len;
+                }
+              break;
+            }
+        }
+       else
+ 	buffer = _cpp_spell_ident_ucns (buffer, token->val.node.node);
+       break;