gcc7: fix potential segmentation fault

Under some rare circumstances we may end up with GCC segmentation fault.
This was observed with versions of sysmacros.h, which contain macros
with embedded warning messages :

When trying to actually display the warning, we may end up with a segmentation
fault instead. The reason is the actual warning message gets parsed (the text is
unquoted) and words in the message such as "not", "and" etc. are interpreted as
operators CPP_NOT, CPP_AND. When the time comes to display the warning, the code
uses wrong structure to access the "name" corresponding to the operators.

[YOCTO #11738]

(From OE-Core rev: 6f81fe4f3a1177c0049b26a070e43546bc6fe974)

Signed-off-by: Juro Bystricky <juro.bystricky@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>

2 files changed, 50 insertions, 0 deletions

diff --git a/meta/recipes-devtools/gcc/gcc-7.1.inc b/meta/recipes-devtools/gcc/gcc-7.1.inc
index 3f1c06dafd..2d9ca82de9 100644
--- a/meta/recipes-devtools/gcc/gcc-7.1.inc
+++ b/meta/recipes-devtools/gcc/gcc-7.1.inc
@@ -75,6 +75,7 @@ SRC_URI = "\
            file://0048-gcc-Enable-static-PIE.patch \
            file://0049-libsanitizer-Use-stack_t-instead-of-struct-sigaltsta.patch \
            file://0050-replace-struct-ucontext-with-ucontext_t.patch \
+           file://fix-segmentation-fault-precompiled-hdr.patch \
            ${BACKPORTS} \
 "
 BACKPORTS = "\
diff --git a/meta/recipes-devtools/gcc/gcc-7.1/fix-segmentation-fault-precompiled-hdr.patch b/meta/recipes-devtools/gcc/gcc-7.1/fix-segmentation-fault-precompiled-hdr.patch
new file mode 100644
index 0000000000..c0adef6f2f
--- /dev/null
+++ b/meta/recipes-devtools/gcc/gcc-7.1/fix-segmentation-fault-precompiled-hdr.patch
@@ -0,0 +1,49 @@
+
+Prevent a segmentation fault which occurs when using incorrect
+structure trying to access name of some named operators, such as 
+CPP_NOT, CPP_AND etc. "token->val.node.spelling" cannot be used in
+those cases, as is may not be initialized at all.
+
+
+[YOCTO #11738]
+
+Upstream-Status: Pending
+
+Signed-off-by: Juro Bystricky <juro.bystricky@intel.com>
+
+diff --git a/libcpp/lex.c b/libcpp/lex.c
+--- a/libcpp/lex.c
++++ b/libcpp/lex.c
+@@ -3229,11 +3229,27 @@
+     spell_ident:
+     case SPELL_IDENT:
+       if (forstring)
+-       {
+-         memcpy (buffer, NODE_NAME (token->val.node.spelling),
+-                 NODE_LEN (token->val.node.spelling));
+-         buffer += NODE_LEN (token->val.node.spelling);
+-       }
++        {
++          if (token->type == CPP_NAME)
++            {
++              memcpy (buffer, NODE_NAME (token->val.node.spelling),
++                    NODE_LEN (token->val.node.spelling));
++              buffer += NODE_LEN (token->val.node.spelling);
++              break;
++            }
++          /* NAMED_OP, cannot use node.spelling */
++          if (token->flags & NAMED_OP)
++            {
++              const char *str = cpp_named_operator2name (token->type);
++              if (str)
++                {
++                  size_t len = strlen(str);
++                  memcpy(buffer, str, len);
++                  buffer += len;
++                }
++              break;
++            }
++        }
+       else
+        buffer = _cpp_spell_ident_ucns (buffer, token->val.node.node);
+       break;