Fix latent crash in ada_variant_discrim_name

ada_variant_discrim_name does this:

  for (discrim_end = name + strlen (name) - 6; discrim_end != name;

If NAME is too short, this will construct an invalid pointer, perhaps
causing a crash.

This patch arranges to check the length first.

diff --git a/gdb/ada-lang.c b/gdb/ada-lang.c
index 95ceb10d3ab83fed3b8c2646ed83ee8ef17b2d18..aef2b1debba6edcd5c5311386c0ae4174dc42322 100644 (file)
--- a/gdb/ada-lang.c
+++ b/gdb/ada-lang.c
@@ -6685,8 +6685,10 @@ ada_variant_discrim_name (struct type *type0)
   if (name == NULL || name[0] == '\000')
     return "";
 
-  for (discrim_end = name + strlen (name) - 6; discrim_end != name;
-       discrim_end -= 1)
+  size_t len = strlen (name);
+  if (len < 6)
+    return "";
+  for (discrim_end = name + len - 6; discrim_end != name; discrim_end -= 1)
     {
       if (startswith (discrim_end, "___XVN"))
        break;