From: Jakub Jelinek <jakub@gcc.gnu.org>
Date: Mon, 13 Dec 2010 11:11:22 +0000 (+0100)
Subject: re PR fortran/46884 (Use of charlen after free)
X-Git-Tag: upstream/12.2.0~87808
X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=7d7ff3a1c8615f9e6adee9ec84fe42cc1b3597c7;p=platform%2Fupstream%2Fgcc.git

re PR fortran/46884 (Use of charlen after free)

	PR fortran/46884
	* symbol.c (gfc_new_charlen): If old_cl is non-NULL, put it
	at the ns->old_cl_list spot in the chain rather than at
	ns->cl_list.

	* gfortran.dg/pr46884.f: New test.

From-SVN: r167742
---

diff --git a/gcc/fortran/ChangeLog b/gcc/fortran/ChangeLog
index f74d9be..35c4b6e 100644
--- a/gcc/fortran/ChangeLog
+++ b/gcc/fortran/ChangeLog
@@ -1,6 +1,13 @@
+2010-12-13  Jakub Jelinek  <jakub@redhat.com>
+
+	PR fortran/46884
+	* symbol.c (gfc_new_charlen): If old_cl is non-NULL, put it
+	at the ns->old_cl_list spot in the chain rather than at
+	ns->cl_list.
+
 2010-12-12  Thomas Koenig  <tkoenig@gcc.gnu.org>
 
-	* dump-parse-tree.c (show_expr):  Add space for parens.
+	* dump-parse-tree.c (show_expr): Add space for parens.
 
 2010-12-12  Janus Weil  <janus@gcc.gnu.org>
 
diff --git a/gcc/fortran/symbol.c b/gcc/fortran/symbol.c
index 05c6235..283bfce 100644
--- a/gcc/fortran/symbol.c
+++ b/gcc/fortran/symbol.c
@@ -3219,19 +3219,29 @@ gfc_new_charlen (gfc_namespace *ns, gfc_charlen *old_cl)
   gfc_charlen *cl;
   cl = gfc_get_charlen ();
 
-  /* Put into namespace.  */
-  cl->next = ns->cl_list;
-  ns->cl_list = cl;
-
   /* Copy old_cl.  */
   if (old_cl)
     {
+      /* Put into namespace, but don't allow reject_statement
+	 to free it if old_cl is given.  */
+      gfc_charlen **prev = &ns->cl_list;
+      cl->next = ns->old_cl_list;
+      while (*prev != ns->old_cl_list)
+	prev = &(*prev)->next;
+      *prev = cl;
+      ns->old_cl_list = cl;
       cl->length = gfc_copy_expr (old_cl->length);
       cl->length_from_typespec = old_cl->length_from_typespec;
       cl->backend_decl = old_cl->backend_decl;
       cl->passed_length = old_cl->passed_length;
       cl->resolved = old_cl->resolved;
     }
+  else
+    {
+      /* Put into namespace.  */
+      cl->next = ns->cl_list;
+      ns->cl_list = cl;
+    }
 
   return cl;
 }
diff --git a/gcc/testsuite/ChangeLog b/gcc/testsuite/ChangeLog
index dec16b5..0edad69 100644
--- a/gcc/testsuite/ChangeLog
+++ b/gcc/testsuite/ChangeLog
@@ -1,3 +1,8 @@
+2010-12-13  Jakub Jelinek  <jakub@redhat.com>
+
+	PR fortran/46884
+	* gfortran.dg/pr46884.f: New test.
+
 2010-12-13  Iain Sandoe  <iains@gcc.gnu.org>
 
 	* objc.dg/gnu-encoding/struct-layout-encoding-1_generate.c:
diff --git a/gcc/testsuite/gfortran.dg/pr46884.f b/gcc/testsuite/gfortran.dg/pr46884.f
new file mode 100644
index 0000000..54ae57d
--- /dev/null
+++ b/gcc/testsuite/gfortran.dg/pr46884.f
@@ -0,0 +1,8 @@
+C PR fortran/46884
+C { dg-do compile }
+C { dg-options "" }
+      SUBROUTINE F
+      IMPLICIT CHARACTER*12 (C)
+      CALL G(C1)
+      CALL H(C1(1:4))
+      END