gdb/patches/gdb-6.7.1-dwarf-stack-overflow.patch

http://bugs.gentoo.org/144833

for gdb/ChangeLog:
2006-08-22  Will Drewry <wad@google.com>
	    Tavis Ormandy <taviso@google.com>

	* dwarf2read.c (decode_locdesc): Enforce location description stack
	boundaries.
	* dwarfread.c (locval): Likewise.

Index: gdb-6.5/gdb/dwarf2read.c
===================================================================
--- gdb-6.5.orig/gdb/dwarf2read.c	2006-09-04 02:02:23.000000000 -0300
+++ gdb-6.5/gdb/dwarf2read.c	2006-09-04 02:02:23.000000000 -0300
@@ -8667,8 +8667,7 @@ dwarf2_fundamental_type (struct objfile 
    callers will only want a very basic result and this can become a
    complaint.
 
-   Note that stack[0] is unused except as a default error return.
-   Note that stack overflow is not yet handled.  */
+   Note that stack[0] is unused except as a default error return. */
 
 static CORE_ADDR
 decode_locdesc (struct dwarf_block *blk, struct dwarf2_cu *cu)
@@ -8685,7 +8684,7 @@ decode_locdesc (struct dwarf_block *blk,
 
   i = 0;
   stacki = 0;
-  stack[stacki] = 0;
+  stack[++stacki] = 0;
 
   while (i < size)
     {
@@ -8864,6 +8863,16 @@ decode_locdesc (struct dwarf_block *blk,
 		     dwarf_stack_op_name (op));
 	  return (stack[stacki]);
 	}
+      /* Enforce maximum stack depth of size-1 to avoid ++stacki writing
+         outside of the allocated space. Also enforce minimum > 0.
+         -- wad@google.com 14 Aug 2006 */
+      if (stacki >= sizeof (stack) / sizeof (*stack) - 1)
+	internal_error (__FILE__, __LINE__,
+	                _("location description stack too deep: %d"),
+	                stacki);
+      if (stacki <= 0)
+	internal_error (__FILE__, __LINE__,
+	                _("location description stack too shallow"));
     }
   return (stack[stacki]);
 }
1	http://bugs.gentoo.org/144833
2
3	for gdb/ChangeLog:
4	2006-08-22 Will Drewry <wad@google.com>
5	Tavis Ormandy <taviso@google.com>
6
7	* dwarf2read.c (decode_locdesc): Enforce location description stack
8	boundaries.
9	* dwarfread.c (locval): Likewise.
10
11	Index: gdb-6.5/gdb/dwarf2read.c
12	===================================================================
13	--- gdb-6.5.orig/gdb/dwarf2read.c 2006-09-04 02:02:23.000000000 -0300
14	+++ gdb-6.5/gdb/dwarf2read.c 2006-09-04 02:02:23.000000000 -0300
15	@@ -8667,8 +8667,7 @@ dwarf2_fundamental_type (struct objfile
16	callers will only want a very basic result and this can become a
17	complaint.
18
19	- Note that stack[0] is unused except as a default error return.
20	- Note that stack overflow is not yet handled. */
21	+ Note that stack[0] is unused except as a default error return. */
22
23	static CORE_ADDR
24	decode_locdesc (struct dwarf_block blk, struct dwarf2_cu cu)
25	@@ -8685,7 +8684,7 @@ decode_locdesc (struct dwarf_block *blk,
26
27	i = 0;
28	stacki = 0;
29	- stack[stacki] = 0;
30	+ stack[++stacki] = 0;
31
32	while (i < size)
33	{
34	@@ -8864,6 +8863,16 @@ decode_locdesc (struct dwarf_block *blk,
35	dwarf_stack_op_name (op));
36	return (stack[stacki]);
37	}
38	+ /* Enforce maximum stack depth of size-1 to avoid ++stacki writing
39	+ outside of the allocated space. Also enforce minimum > 0.
40	+ -- wad@google.com 14 Aug 2006 */
41	+ if (stacki >= sizeof (stack) / sizeof (*stack) - 1)
42	+ internal_error (__FILE__, __LINE__,
43	+ _("location description stack too deep: %d"),
44	+ stacki);
45	+ if (stacki <= 0)
46	+ internal_error (__FILE__, __LINE__,
47	+ _("location description stack too shallow"));
48	}
49	return (stack[stacki]);
50	}