diff options
| author | Gary Benson <gbenson@redhat.com> | 2015-04-14 12:35:30 +0100 |
|---|---|---|
| committer | Gary Benson <gbenson@redhat.com> | 2015-04-14 12:35:30 +0100 |
| commit | 326a5c7e368d49251ad48b2091388d8f424bfc54 (patch) | |
| tree | 0562478dab7f4c421f411a154b1b526df40e4498 | |
| parent | 889c2a67967f7047c245779a0a0fd8ba8796846e (diff) | |
| download | fsf-binutils-gdb-326a5c7e368d49251ad48b2091388d8f424bfc54.zip fsf-binutils-gdb-326a5c7e368d49251ad48b2091388d8f424bfc54.tar.gz fsf-binutils-gdb-326a5c7e368d49251ad48b2091388d8f424bfc54.tar.bz2 | |
Zero supplied stat buffers in functions that pretend to stat
GDB has five places where it pretends to stat for bfd_openr_iovec.
Four of these only set the incoming buffer's st_size, leaving the
other fields unchanged, which is to say very likely populated with
random values from the stack. remote_bfd_iovec_stat was fixed in
0a93529c56714b1da3d7106d3e0300764f8bb81c; this commit fixes the
other four.
gdb/ChangeLog:
* jit.c (mem_bfd_iovec_stat): Zero supplied buffer.
* minidebug.c (lzma_stat): Likewise.
* solib-spu.c (spu_bfd_iovec_stat): Likewise.
* spu-linux-nat.c (spu_bfd_iovec_stat): Likewise.
| -rw-r--r-- | gdb/ChangeLog | 7 | ||||
| -rw-r--r-- | gdb/jit.c | 1 | ||||
| -rw-r--r-- | gdb/minidebug.c | 1 | ||||
| -rw-r--r-- | gdb/solib-spu.c | 1 | ||||
| -rw-r--r-- | gdb/spu-linux-nat.c | 1 |
5 files changed, 11 insertions, 0 deletions
diff --git a/gdb/ChangeLog b/gdb/ChangeLog index 9a027f3..acb408b 100644 --- a/gdb/ChangeLog +++ b/gdb/ChangeLog @@ -1,3 +1,10 @@ +2015-04-14 Gary Benson <gbenson@redhat.com> + + * jit.c (mem_bfd_iovec_stat): Zero supplied buffer. + * minidebug.c (lzma_stat): Likewise. + * solib-spu.c (spu_bfd_iovec_stat): Likewise. + * spu-linux-nat.c (spu_bfd_iovec_stat): Likewise. + 2015-04-13 Stan Shebs <stanshebs@google.com> * MAINTAINERS: Update my email address. @@ -126,6 +126,7 @@ mem_bfd_iovec_stat (struct bfd *abfd, void *stream, struct stat *sb) { struct target_buffer *buffer = (struct target_buffer*) stream; + memset (sb, 0, sizeof (struct stat)); sb->st_size = buffer->size; return 0; } diff --git a/gdb/minidebug.c b/gdb/minidebug.c index cc20914..98c2187 100644 --- a/gdb/minidebug.c +++ b/gdb/minidebug.c @@ -241,6 +241,7 @@ lzma_stat (struct bfd *abfd, { struct gdb_lzma_stream *lstream = stream; + memset (sb, 0, sizeof (struct stat)); sb->st_size = lzma_index_uncompressed_size (lstream->index); return 0; } diff --git a/gdb/solib-spu.c b/gdb/solib-spu.c index 250cf21..44fbf91 100644 --- a/gdb/solib-spu.c +++ b/gdb/solib-spu.c @@ -313,6 +313,7 @@ spu_bfd_iovec_stat (bfd *abfd, void *stream, struct stat *sb) table to find the extent of the last section but that seems pointless when the size is needed only for checks of other parsed values in dbxread.c. */ + memset (sb, 0, sizeof (struct stat)); sb->st_size = INT_MAX; return 0; } diff --git a/gdb/spu-linux-nat.c b/gdb/spu-linux-nat.c index b0942a9..a043f53 100644 --- a/gdb/spu-linux-nat.c +++ b/gdb/spu-linux-nat.c @@ -313,6 +313,7 @@ spu_bfd_iovec_stat (struct bfd *abfd, void *stream, struct stat *sb) table to find the extent of the last section but that seems pointless when the size is needed only for checks of other parsed values in dbxread.c. */ + memset (sb, 0, sizeof (struct stat)); sb->st_size = INT_MAX; return 0; } |