authorAlan Modra <amodra@gmail.com>2021-05-15 15:10:44 +0930
committerAlan Modra <amodra@gmail.com>2021-05-15 15:13:45 +0930
commit7848009791cd1598f8c19ab52ccd25a78bc0c789 (patch)
tree1f865d033e08107b4116372190f5eeb4d1d134fa
parentb0d461ec373e35fd380a060e6027d781f8a3f752 (diff)
display_loc_list
* dwarf.c (display_loc_list): Avoid pointer UB. Correct check before reading uleb length. Warn on excess length.
-rw-r--r--binutils/ChangeLog5
-rw-r--r--binutils/dwarf.c20
2 files changed, 18 insertions, 7 deletions
diff --git a/binutils/ChangeLog b/binutils/ChangeLog
index 1926afb..9301a80 100644
--- a/binutils/ChangeLog
+++ b/binutils/ChangeLog
@@ -1,5 +1,10 @@
2021-05-15 Alan Modra <amodra@gmail.com>
+ * dwarf.c (display_loc_list): Avoid pointer UB. Correct check
+ before reading uleb length. Warn on excess length.
+
+2021-05-15 Alan Modra <amodra@gmail.com>
+
* dwarf.c (display_debug_macro): Print strings that might not
be zero terminated with %*s. Don't bump curr if unterminated.
diff --git a/binutils/dwarf.c b/binutils/dwarf.c
index 68732cf..4d29591 100644
--- a/binutils/dwarf.c
+++ b/binutils/dwarf.c
@@ -6355,7 +6355,7 @@ display_loc_list (struct dwarf_section *section,
dwarf_vma off = offset + (start - *start_ptr);
dwarf_vma vbegin = vm1, vend = vm1;
- if (start + 2 * pointer_size > section_end)
+ if (2 * pointer_size > (size_t) (section_end - start))
{
warn (_("Location list starting at offset 0x%lx is not terminated.\n"),
(unsigned long) offset);
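Review bot: The rewritten test `2 * pointer_size > (size_t) (section_end - start)` is a correct bound only if `start <= section_end` already holds here; if `start` were ever past the end, the difference is negative, the cast turns it into a very large count, and the check passes where the old `start + N > section_end` form would have rejected it. Nothing visible in the hunk establishes that invariant (display_loc_list starts and ends outside it), so I would record it above the test, e.g. `/* start <= section_end here, so the difference is the number of bytes left.  */`, or confirm that every read macro used in this loop leaves `start` no further than `section_end`. The same cast appears in the hunks at 6408 and 6417 of display_loc_list, at 6751 and 6759 of display_loc_list_dwo, and in the added length check in display_loclists_list.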
@@ -6408,7 +6408,7 @@ display_loc_list (struct dwarf_section *section,
(unsigned long) off, 8, "");
}
- if (start + 2 > section_end)
+ if (2 > (size_t) (section_end - start))
{
warn (_("Location list starting at offset 0x%lx is not terminated.\n"),
(unsigned long) offset);
@@ -6417,7 +6417,7 @@ display_loc_list (struct dwarf_section *section,
SAFE_BYTE_GET_AND_INC (length, start, 2, section_end);
- if (start + length > section_end)
+ if (length > (size_t) (section_end - start))
{
warn (_("Location list starting at offset 0x%lx is not terminated.\n"),
(unsigned long) offset);
@@ -6579,15 +6579,21 @@ display_loclists_list (struct dwarf_section *section,
&& llet != DW_LLE_start_length)
continue;
- if (start + 2 > section_end)
+ if (start == section_end)
{
warn (_("Location list starting at offset 0x%lx is not terminated.\n"),
(unsigned long) offset);
break;
}
-
READ_ULEB (length, start, section_end);
+ if (length > (size_t) (section_end - start))
+ {
+ warn (_("Location list starting at offset 0x%lx is not terminated.\n"),
+ (unsigned long) offset);
+ break;
+ }
+
print_dwarf_vma (begin, pointer_size);
print_dwarf_vma (end, pointer_size);
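Review bot: The pre-read test `if (start == section_end)` catches only the exact end of the section; if `start` can be beyond `section_end` at this point, control falls through to READ_ULEB and then to `(size_t) (section_end - start)`, which would wrap to a large value and accept any `length`. Writing it as `if (start >= section_end)` costs nothing and covers that case. Separately, the added length check reuses the "is not terminated" text, so a length that overruns the section cannot be told apart in the output from a missing terminator, although the ChangeLog entry says "Warn on excess length"; a distinct message such as `warn (_("Location list starting at offset 0x%lx has a length that exceeds the section.\n"), (unsigned long) offset);` would make malformed input easier to triage. The enclosing loop of display_loclists_list starts and ends outside the hunk.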
@@ -6751,7 +6757,7 @@ display_loc_list_dwo (struct dwarf_section *section,
return;
}
- if (start + 2 > section_end)
+ if (2 > (size_t) (section_end - start))
{
warn (_("Location list starting at offset 0x%lx is not terminated.\n"),
(unsigned long) offset);
@@ -6759,7 +6765,7 @@ display_loc_list_dwo (struct dwarf_section *section,
}
SAFE_BYTE_GET_AND_INC (length, start, 2, section_end);
- if (start + length > section_end)
+ if (length > (size_t) (section_end - start))
{
warn (_("Location list starting at offset 0x%lx is not terminated.\n"),
(unsigned long) offset);