[src/trunk]: src/usr.bin/xlint/lint1 Fix segmentation fault caused by freeing...

[christos <christos%NetBSD.org@localhost>]

details:   https://anonhg.NetBSD.org/src/rev/7e873deb3fd1
branches:  trunk
changeset: 339172:7e873deb3fd1
user:      christos <christos%NetBSD.org@localhost>
date:      Wed Jul 01 15:34:30 2015 +0000

description:
Fix segmentation fault caused by freeing prematurely function parameter types
inside cast expressions.

diffstat:

 usr.bin/xlint/lint1/cgram.y |  8 +++++---
 1 files changed, 5 insertions(+), 3 deletions(-)

diffs (31 lines):

diff -r 4234a019d867 -r 7e873deb3fd1 usr.bin/xlint/lint1/cgram.y
--- a/usr.bin/xlint/lint1/cgram.y       Wed Jul 01 12:40:07 2015 +0000
+++ b/usr.bin/xlint/lint1/cgram.y       Wed Jul 01 15:34:30 2015 +0000
@@ -1,5 +1,5 @@
 %{
-/* $NetBSD: cgram.y,v 1.69 2015/05/11 17:20:06 christos Exp $ */
+/* $NetBSD: cgram.y,v 1.70 2015/07/01 15:34:30 christos Exp $ */
 
 /*
  * Copyright (c) 1996 Christopher G. Demetriou.  All Rights Reserved.
@@ -35,7 +35,7 @@
 
 #include <sys/cdefs.h>
 #if defined(__RCSID) && !defined(lint)
-__RCSID("$NetBSD: cgram.y,v 1.69 2015/05/11 17:20:06 christos Exp $");
+__RCSID("$NetBSD: cgram.y,v 1.70 2015/07/01 15:34:30 christos Exp $");
 #endif
 
 #include <stdlib.h>
@@ -1921,8 +1921,10 @@
        /*
         * Abstract declarations are used inside expression. To free
         * the memory would be a fatal error.
+        * We don't free blocks that are inside casts because these
+        * will be used later to match types.
         */
-       if (dcs->d_ctx != ABSTRACT)
+       if (tn->tn_op != CON && dcs->d_ctx != ABSTRACT)
                tfreeblk();
 
        if ((t = v->v_tspec) == FLOAT || t == DOUBLE || t == LDOUBLE) {