From: Luís Ferreira <contact@lsferreira.net>
Date: Thu, 23 Sep 2021 15:33:47 +0000 (-0400)
Subject: libiberty: prevent buffer overflow when decoding user input
X-Git-Tag: basepoints/gcc-13~4449
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=5481040197402be6dfee265bd2ff5a4c88e30505;p=thirdparty%2Fgcc.git

libiberty: prevent buffer overflow when decoding user input

libiberty/
	* d-demangle.c (dlang_symbol_backref): Ensure strlen of
	string is less than length computed by dlang_number.
---

diff --git a/libiberty/d-demangle.c b/libiberty/d-demangle.c
index a2152cc65518..7ded3e2a2563 100644
--- a/libiberty/d-demangle.c
+++ b/libiberty/d-demangle.c
@@ -381,7 +381,7 @@ dlang_symbol_backref (string *decl, const char *mangled,
 
   /* Must point to a simple identifier.  */
   backref = dlang_number (backref, &len);
-  if (backref == NULL)
+  if (backref == NULL || strlen(backref) < len)
     return NULL;
 
   backref = dlang_lname (decl, backref, len);