From: Iain Buclaw <ibuclaw@gdcproject.org>
Date: Wed, 3 Mar 2021 14:34:04 +0000 (+0100)
Subject: d: Fix heap-buffer-overflow in checkModFileAlias [PR 99337]
X-Git-Tag: releases/gcc-10.3.0~254
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=81bedd5e898d97b87358e26a087b25741eb2c713;p=thirdparty%2Fgcc.git

d: Fix heap-buffer-overflow in checkModFileAlias [PR 99337]

The code wrongly assumed memcmp did not read past the mismatch.

gcc/d/ChangeLog:

	PR d/99337
	* dmd/dmodule.c (checkModFileAlias): Don't read past buffer in
	  comparison.

(cherry picked from commit d6177870dd2696501e3b8d3930fd5549d4acaeae)
---

diff --git a/gcc/d/dmd/dmodule.c b/gcc/d/dmd/dmodule.c
index bf1c0c1f0d90..c67626c00e59 100644
--- a/gcc/d/dmd/dmodule.c
+++ b/gcc/d/dmd/dmodule.c
@@ -202,7 +202,7 @@ static void checkModFileAlias(OutBuffer *buf, OutBuffer *dotmods,
         const char *m = (*ms)[j];
         const char *q = strchr(m, '=');
         assert(q);
-        if (dotmods->offset <= (size_t)(q - m) && memcmp(dotmods->peekString(), m, q - m) == 0)
+        if (dotmods->offset == (size_t)(q - m) && memcmp(dotmods->peekString(), m, q - m) == 0)
         {
             buf->reset();
             size_t qlen = strlen(q + 1);