From 94cd915f48523bbcbe20f74835d7f5a9d0b3a916 Mon Sep 17 00:00:00 2001
From: Michael Snyder <msnyder@vmware.com>
Date: Tue, 8 Jan 2002 00:59:31 +0000
Subject: 2002-01-07  Michael Snyder  <msnyder@redhat.com>

	* infptrace.c (GDB_MAX_ALLOCA): New define.
	(child_xfer_memory): Use xmalloc/xfree instead of alloca if the
	size of the buffer exceeds GDB_MAX_ALLOCA (default 1 megabyte,
	can be overridden with whatever value is appropriate to the host).
	* infttrace.c (child_xfer_memory): Add FIXME warning about use of
	alloca to allocate potentially large buffer.
	* rs6000-nat.c (child_xfer_memory): Ditto.
	* symm-nat.c (child_xfer_memory): Ditto.
	* x86-64-linux-nat.c (child_xfer_memory): Ditto.
---
 gdb/infttrace.c | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

(limited to 'gdb/infttrace.c')

diff --git a/gdb/infttrace.c b/gdb/infttrace.c
index c3216a5..df0a5e5 100644
--- a/gdb/infttrace.c
+++ b/gdb/infttrace.c
@@ -4922,8 +4922,11 @@ child_xfer_memory (CORE_ADDR memaddr, char *myaddr, int len, int write,
   = (((memaddr + len) - addr) + sizeof (TTRACE_XFER_TYPE) - 1)
   / sizeof (TTRACE_XFER_TYPE);
   /* Allocate buffer of that many longwords.  */
+  /* FIXME (alloca): This code, cloned from infptrace.c, is unsafe
+     because it uses alloca to allocate a buffer of arbitrary size.
+     For very large xfers, this could crash GDB's stack.  */
   register TTRACE_XFER_TYPE *buffer
-  = (TTRACE_XFER_TYPE *) alloca (count * sizeof (TTRACE_XFER_TYPE));
+    = (TTRACE_XFER_TYPE *) alloca (count * sizeof (TTRACE_XFER_TYPE));
 
   if (write)
     {
-- 
cgit v1.1