Contents of /trunk/gdb/patches/gdb-6.6-dwarf-stack-overflow.patch
Tue May 8 20:06:05 2007 UTC (17 years, 4 months ago) by niro
File size: 3117 byte(s)
-import
1 | http://bugs.gentoo.org/144833 |
2 | |
3 | for gdb/ChangeLog: |
4 | 2006-08-22 Will Drewry <wad@google.com> |
5 | Tavis Ormandy <taviso@google.com> |
6 | |
7 | * dwarf2read.c (decode_locdesc): Enforce location description stack |
8 | boundaries. |
9 | * dwarfread.c (locval): Likewise. |
10 | |
11 | Index: gdb-6.5/gdb/dwarf2read.c |
12 | =================================================================== |
13 | --- gdb-6.5.orig/gdb/dwarf2read.c 2006-09-04 02:02:23.000000000 -0300 |
14 | +++ gdb-6.5/gdb/dwarf2read.c 2006-09-04 02:02:23.000000000 -0300 |
15 | @@ -8667,8 +8667,7 @@ dwarf2_fundamental_type (struct objfile |
16 | callers will only want a very basic result and this can become a |
17 | complaint. |
18 | |
19 | - Note that stack[0] is unused except as a default error return. |
20 | - Note that stack overflow is not yet handled. */ |
21 | + Note that stack[0] is unused except as a default error return. */ |
22 | |
23 | static CORE_ADDR |
24 | decode_locdesc (struct dwarf_block *blk, struct dwarf2_cu *cu) |
25 | @@ -8685,7 +8684,7 @@ decode_locdesc (struct dwarf_block *blk, |
26 | |
27 | i = 0; |
28 | stacki = 0; |
29 | - stack[stacki] = 0; |
30 | + stack[++stacki] = 0; |
31 | |
32 | while (i < size) |
33 | { |
34 | @@ -8864,6 +8863,16 @@ decode_locdesc (struct dwarf_block *blk, |
35 | dwarf_stack_op_name (op)); |
36 | return (stack[stacki]); |
37 | } |
38 | + /* Enforce maximum stack depth of size-1 to avoid ++stacki writing |
39 | + outside of the allocated space. Also enforce minimum > 0. |
40 | + -- wad@google.com 14 Aug 2006 */ |
41 | + if (stacki >= sizeof (stack) / sizeof (*stack) - 1) |
42 | + internal_error (__FILE__, __LINE__, |
43 | + _("location description stack too deep: %d"), |
44 | + stacki); |
45 | + if (stacki <= 0) |
46 | + internal_error (__FILE__, __LINE__, |
47 | + _("location description stack too shallow")); |
48 | } |
49 | return (stack[stacki]); |
50 | } |
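Review bot: Both new bounds checks in decode_locdesc report a malformed location expression through `internal_error`, which in GDB signals a bug in the debugger itself and aborts the session, although the expression comes from the debug info of the program being inspected; the dwarfread.c hunk ending at the `locval` return has the same shape. The comment kept at the top of this section already treats unrecognised operators as something that "can become a complaint", and the same path fits here: `complaint (&symfile_complaints, _("location description stack overflow")); return 0;` with a matching underflow message, so a corrupt object file degrades to a warning instead of an abort. The comparison `stacki >= sizeof (stack) / sizeof (*stack) - 1` also promotes `stacki` (signed, judging by the `%d`) to `size_t`, so a negative value would be reported as "too deep" rather than "too shallow"; testing `stacki <= 0` first, or casting the right-hand side to `int`, gives the intended message. decode_locdesc's body begins in the earlier hunk and the switch these checks follow lies outside this one.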
51 | Index: gdb-6.5/gdb/dwarfread.c |
52 | =================================================================== |
53 | --- gdb-6.5.orig/gdb/dwarfread.c 2005-12-17 20:33:59.000000000 -0200 |
54 | +++ gdb-6.5/gdb/dwarfread.c 2006-09-04 02:02:23.000000000 -0300 |
55 | @@ -2138,9 +2138,7 @@ decode_line_numbers (char *linetable) |
56 | |
57 | NOTES |
58 | |
59 | - Note that stack[0] is unused except as a default error return. |
60 | - Note that stack overflow is not yet handled. |
61 | - */ |
62 | + Note that stack[0] is unused except as a default error return. */ |
63 | |
64 | static int |
65 | locval (struct dieinfo *dip) |
66 | @@ -2160,7 +2158,7 @@ locval (struct dieinfo *dip) |
67 | loc += nbytes; |
68 | end = loc + locsize; |
69 | stacki = 0; |
70 | - stack[stacki] = 0; |
71 | + stack[++stacki] = 0; |
72 | dip->isreg = 0; |
73 | dip->offreg = 0; |
74 | dip->optimized_out = 1; |
75 | @@ -2224,6 +2222,16 @@ locval (struct dieinfo *dip) |
76 | stacki--; |
77 | break; |
78 | } |
79 | + /* Enforce maximum stack depth of size-1 to avoid ++stacki writing |
80 | + outside of the allocated space. Also enforce minimum > 0. |
81 | + -- wad@google.com 14 Aug 2006 */ |
82 | + if (stacki >= sizeof (stack) / sizeof (*stack) - 1) |
83 | + internal_error (__FILE__, __LINE__, |
84 | + _("location description stack too deep: %d"), |
85 | + stacki); |
86 | + if (stacki <= 0) |
87 | + internal_error (__FILE__, __LINE__, |
88 | + _("location description stack too shallow")); |
89 | } |
90 | return (stack[stacki]); |
91 | } |
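Review bot: The new initialisation `stack[++stacki] = 0;` in locval leaves `stack[0]` unwritten while the retained comment above still describes it as the default error return; since the underflow check runs only after the switch, an operator that reads `stack[stacki - 1]` while `stacki == 1` would now consume an indeterminate value rather than the zero the old code guaranteed. Keeping the slot initialised, `stack[0] = 0; stack[++stacki] = 0;`, preserves the previous behaviour for that case; the same applies to the identical line in the dwarf2read.c hunk. The checks also run once per loop iteration, after the switch, so they bound the next push only if no single opcode pushes more than one value; if any case does, the depth test needs to precede that push. locval's switch body is outside this hunk, so which opcodes pop or push two values cannot be confirmed from here.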