ecpg: fix more minor mishandling of bad input in preprocessor.

Don't get confused by an unmatched right brace in the input.
(Previously, this led to discarding information about file-level
variables and then possibly crashing.)

Detect, rather than crash on, an attempt to index into a non-array
variable.

As before, in the absence of field complaints I'm not too
excited about back-patching these.

Per valgrind testing by Alexander Lakhin.

Discussion: https://postgr.es/m/[email protected]

2 files changed, 10 insertions, 6 deletions

diff --git a/src/interfaces/ecpg/preproc/ecpg.trailer b/src/interfaces/ecpg/preproc/ecpg.trailer
index e466668ea24..424903f76e0 100644
--- a/src/interfaces/ecpg/preproc/ecpg.trailer
+++ b/src/interfaces/ecpg/preproc/ecpg.trailer
@@ -43,12 +43,15 @@ statement: ecpgstart at toplevel_stmt ';'
 	}
 	| '}'
 	{
-		remove_typedefs(braces_open);
-		remove_variables(braces_open--);
-		if (braces_open == 0)
+		if (braces_open > 0)
 		{
-			free(current_function);
-			current_function = NULL;
+			remove_typedefs(braces_open);
+			remove_variables(braces_open);
+			if (--braces_open == 0)
+			{
+				free(current_function);
+				current_function = NULL;
+			}
 		}
 		fputs("}", base_yyout);
 	}
diff --git a/src/interfaces/ecpg/preproc/variable.c b/src/interfaces/ecpg/preproc/variable.c
index a4294b8f0ff..ac80d2c0209 100644
--- a/src/interfaces/ecpg/preproc/variable.c
+++ b/src/interfaces/ecpg/preproc/variable.c
@@ -233,7 +233,8 @@ find_variable(const char *name)
 				p = find_simple(name);
 				if (p == NULL)
 					mmfatal(PARSE_ERROR, "variable \"%s\" is not declared", name);
-
+				if (p->type->type != ECPGt_array)
+					mmfatal(PARSE_ERROR, "variable \"%s\" is not a pointer", name);
 				*next = c;
 				switch (p->type->u.element->type)
 				{