Contents of /trunk/gdb/patches/gdb-6.7.1-dwarf-stack-overflow.patch
Revision 557 -
Mon Mar 31 11:07:22 2008 UTC (16 years, 6 months ago) by niro
File size: 1739 byte(s)
-re-diff
1 | http://bugs.gentoo.org/144833 |
2 | |
3 | for gdb/ChangeLog: |
4 | 2006-08-22 Will Drewry <wad@google.com> |
5 | Tavis Ormandy <taviso@google.com> |
6 | |
7 | * dwarf2read.c (decode_locdesc): Enforce location description stack |
8 | boundaries. |
9 | * dwarfread.c (locval): Likewise. |
10 | |
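--- a/gdb/dwarf2read.c
+++ b/gdb/dwarf2read.c
@@ -8667,8 +8667,7 @@ dwarf2_fundamental_type (struct objfile
 callers will only want a very basic result and this can become a
 complaint.
 
- Note that stack[0] is unused except as a default error return.
- Note that stack overflow is not yet handled. */
+ Note that stack[0] is unused except as a default error return. */
 
 static CORE_ADDR
 decode_locdesc (struct dwarf_block *blk, struct dwarf2_cu *cu)
@@ -8685,7 +8684,7 @@ decode_locdesc (struct dwarf_block *blk,
 
 i = 0;
 stacki = 0;
- stack[stacki] = 0;
+ stack[++stacki] = 0;
 
 while (i < size)
 {
@@ -8864,6 +8863,16 @@ decode_locdesc (struct dwarf_block *blk,
 dwarf_stack_op_name (op));
 return (stack[stacki]);
 }
+ /* Enforce maximum stack depth of size-1 to avoid ++stacki writing
+ outside of the allocated space. Also enforce minimum > 0.
+ -- wad@google.com 14 Aug 2006 */
+ if (stacki >= sizeof (stack) / sizeof (*stack) - 1)
+ internal_error (__FILE__, __LINE__,
+ _("location description stack too deep: %d"),
+ stacki);
+ if (stacki <= 0)
+ internal_error (__FILE__, __LINE__,
+ _("location description stack too shallow"));
 }
 return (stack[stacki]);
 }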
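Review bot: The two bounds checks added at the end of the loop body in decode_locdesc report a too-deep or too-shallow stack through `internal_error`, but the depth is driven by the location expression in the file being read, not by a GDB invariant, so corrupt or hostile debug info is still handled as a debugger bug (quit/core-dump prompt) rather than rejected as bad input. Reporting it as an input error, e.g. `error (_("location description stack too deep: %d"), stacki);` and likewise for the shallow case, keeps the overflow fix while letting the session continue. `stacki` appears to be a signed int (it is printed with `%d`), so in `stacki >= sizeof (stack) / sizeof (*stack) - 1` a negative value converts to a large unsigned one and is reported as "too deep"; testing `stacki <= 0` first avoids that. The check runs only after each operator has executed, which is safe only if no operator moves `stacki` by more than one slot; the operator cases lie outside the hunk, so that should be confirmed. The ChangeLog header also lists `dwarfread.c (locval)`, but no hunk for that file is visible on this page.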