From d93769405996dfc11d216ddbe415946617b5a494 Mon Sep 17 00:00:00 2001 From: Andreas Schwab Date: Mon, 20 Jan 2020 17:01:50 +0100 Subject: Fix array overflow in backtrace on PowerPC (bug 25423) When unwinding through a signal frame the backtrace function on PowerPC didn't check array bounds when storing the frame address. Fixes commit d400dcac5e ("PowerPC: fix backtrace to handle signal trampolines"). --- debug/tst-backtrace5.c | 12 ++++++++++++ 1 file changed, 12 insertions(+) (limited to 'debug') diff --git a/debug/tst-backtrace5.c b/debug/tst-backtrace5.c index e7ce410..b2f4616 100644 --- a/debug/tst-backtrace5.c +++ b/debug/tst-backtrace5.c @@ -89,6 +89,18 @@ handle_signal (int signum) } /* Symbol names are not available for static functions, so we do not check do_test. */ + + /* Check that backtrace does not return more than what fits in the array + (bug 25423). */ + for (int j = 0; j < NUM_FUNCTIONS; j++) + { + n = backtrace (addresses, j); + if (n > j) + { + FAIL (); + return; + } + } } NO_INLINE int -- cgit v1.1