authorAlan Modra <amodra@gmail.com>2023-07-26 09:54:03 +0930
committerAlan Modra <amodra@gmail.com>2023-07-26 10:23:27 +0930
commit477c9f2ba26ccd77016f2c97941fc8b35e332e35 (patch)
tree7101fd32ce2079ad0dc7006ddf9d54251af2b320 /gprof/cg_arcs.c
parenteb14a8b4bfb767beebfb54d7911da4132b5c0f94 (diff)
PR30657, gprof heap buffer overflow
PR 30657 * cg_arcs.c (cg_assemble): Sanity check find_call addresses. * i386.c (i386_find_call): Don't access past end of core_text_space. * aarch64.c (aarch64_find_call): Round up lowpc, round down highpc. * alpha.c (alpha_find_call): Likewise. * mips.c (mips_find_call): Likewise. * sparc.c (sparc_find_call): Likewise. * vax.c (vax_find_call): Sanity check core_text_space accesses.
Diffstat (limited to 'gprof/cg_arcs.c')
-rw-r--r--gprof/cg_arcs.c7
1 files changed, 6 insertions, 1 deletions
diff --git a/gprof/cg_arcs.c b/gprof/cg_arcs.c
index e76c2cb..cfffb09 100644
--- a/gprof/cg_arcs.c
+++ b/gprof/cg_arcs.c
@@ -37,6 +37,7 @@
#include "cg_print.h"
#include "utils.h"
#include "sym_ids.h"
+#include "corefile.h"
static int cmp_topo (const void *, const void *);
static void propagate_time (Sym *);
@@ -622,7 +623,11 @@ cg_assemble (void)
parent->cg.cyc.num = 0;
parent->cg.cyc.head = parent;
parent->cg.cyc.next = 0;
- if (ignore_direct_calls)
+ if (ignore_direct_calls
+ && parent->addr >= core_text_sect->vma
+ && parent->addr < core_text_sect->vma + core_text_sect->size
+ && (parent + 1)->addr >= core_text_sect->vma
+ && (parent + 1)->addr <= core_text_sect->vma + core_text_sect->size)
find_call (parent, parent->addr, (parent + 1)->addr);
}
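Review bot: The new guard still dereferences `(parent + 1)->addr` on the loop's final iteration (the loop header is outside the hunk), so unless symtab carries a sentinel entry past its limit that read is itself one past the end of the table and is not prevented by the added range check; confirm the allocation before relying on this guard alone. The condition also does not establish `(parent + 1)->addr >= parent->addr`, which the lowpc/highpc pair handed to find_call presumably requires — fine if symtab is sorted by address, but the dependency deserves a comment. Suggested comment above the `if`: `/* Only scan symbols whose [addr, next addr) range lies inside the text section: find_call indexes core_text_space by offset and would otherwise read past it (PR30657).  Relies on symtab being sorted by address.  */`. The same bounds reasoning applies to the per-target find_call changes named in the description, which are not in this file.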