Fortran: Avoid double-free with parse error (PR96041, PR93423)

gcc/fortran/

	PR fortran/96041
	PR fortran/93423
	* decl.c (gfc_match_submod_proc): Avoid later double-free
	in the error case.

diff --git a/gcc/fortran/decl.c b/gcc/fortran/decl.c
index c612b492f3e51989048372b1d6867938c33450e0..326e6f5db7aeed29ab44a80de61a5f4ce466ac27 100644 (file)
--- a/gcc/fortran/decl.c
+++ b/gcc/fortran/decl.c
@@ -9819,6 +9819,15 @@ gfc_match_submod_proc (void)
 
   if (gfc_match_eos () != MATCH_YES)
     {
+      /* Unset st->n.sym. Note: in reject_statement (), the symbol changes are
+        undone, such that the st->n.sym->formal points to the original symbol;
+        if now this namespace is finalized, the formal namespace is freed,
+        but it might be still needed in the parent namespace.  */
+      gfc_symtree *st = gfc_find_symtree (gfc_current_ns->sym_root, sym->name);
+      st->n.sym = NULL;
+      gfc_free_symbol (sym->tlink);
+      sym->tlink = NULL;
+      sym->refs--;
       gfc_syntax_error (ST_MODULE_PROC);
       return MATCH_ERROR;
     }