author | Alan Modra <amodra@gmail.com> | 2021-05-15 15:10:44 +0930 |
---|---|---|
committer | Alan Modra <amodra@gmail.com> | 2021-05-15 15:13:45 +0930 |
commit | 7848009791cd1598f8c19ab52ccd25a78bc0c789 (patch) | |
tree | 1f865d033e08107b4116372190f5eeb4d1d134fa | |
parent | b0d461ec373e35fd380a060e6027d781f8a3f752 (diff) | |
display_loc_list
* dwarf.c (display_loc_list): Avoid pointer UB. Correct check
before reading uleb length. Warn on excess length.
-rw-r--r-- | binutils/ChangeLog | 5 | ||||
-rw-r--r-- | binutils/dwarf.c | 20 |
2 files changed, 18 insertions, 7 deletions
diff --git a/binutils/ChangeLog b/binutils/ChangeLog
index 1926afb..9301a80 100644
--- a/binutils/ChangeLog
+++ b/binutils/ChangeLog
@@ -1,5 +1,10 @@
 2021-05-15 Alan Modra <amodra@gmail.com>
+ * dwarf.c (display_loc_list): Avoid pointer UB. Correct check
+ before reading uleb length. Warn on excess length.
+
+2021-05-15 Alan Modra <amodra@gmail.com>
+
 * dwarf.c (display_debug_macro): Print strings that might not be zero terminated with %*s. Don't bump curr if unterminated.
diff --git a/binutils/dwarf.c b/binutils/dwarf.c
index 68732cf..4d29591 100644
--- a/binutils/dwarf.c
+++ b/binutils/dwarf.c
@@ -6355,7 +6355,7 @@ display_loc_list (struct dwarf_section *section,
 dwarf_vma off = offset + (start - *start_ptr);
 dwarf_vma vbegin = vm1, vend = vm1;
- if (start + 2 * pointer_size > section_end)
+ if (2 * pointer_size > (size_t) (section_end - start))
 {
 warn (_("Location list starting at offset 0x%lx is not terminated.\n"),
 (unsigned long) offset);
@@ -6408,7 +6408,7 @@ display_loc_list (struct dwarf_section *section,
 (unsigned long) off, 8, "");
 }
- if (start + 2 > section_end)
+ if (2 > (size_t) (section_end - start))
 {
 warn (_("Location list starting at offset 0x%lx is not terminated.\n"),
 (unsigned long) offset);
@@ -6417,7 +6417,7 @@ display_loc_list (struct dwarf_section *section,
 SAFE_BYTE_GET_AND_INC (length, start, 2, section_end);
- if (start + length > section_end)
+ if (length > (size_t) (section_end - start))
 {
 warn (_("Location list starting at offset 0x%lx is not terminated.\n"),
 (unsigned long) offset);
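Review bot: The rewritten guards in display_loc_list (`2 * pointer_size > (size_t) (section_end - start)` and the `2 >` and `length >` forms in the next two hunks) are only sound while `start <= section_end`: if `start` is ever past the end, the negative difference is cast to a huge size_t and the check passes, where the old `start + N > section_end` would have warned. Nothing inside the hunks establishes that invariant, so I would state it at the first guard: `/* Relies on start <= section_end; otherwise the cast wraps and the check passes.  */`. The same comment applies to the two display_loc_list_dwo hunks. The function bodies start and end outside these hunks.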
@@ -6579,15 +6579,21 @@ display_loclists_list (struct dwarf_section *section,
 && llet != DW_LLE_start_length)
 continue;
- if (start + 2 > section_end)
+ if (start == section_end)
 {
 warn (_("Location list starting at offset 0x%lx is not terminated.\n"),
 (unsigned long) offset);
 break;
 }
-
 READ_ULEB (length, start, section_end);
+ if (length > (size_t) (section_end - start))
+ {
+ warn (_("Location list starting at offset 0x%lx is not terminated.\n"),
+ (unsigned long) offset);
+ break;
+ }
+
 print_dwarf_vma (begin, pointer_size);
 print_dwarf_vma (end, pointer_size);
@@ -6751,7 +6757,7 @@ display_loc_list_dwo (struct dwarf_section *section,
 return;
 }
- if (start + 2 > section_end)
+ if (2 > (size_t) (section_end - start))
 {
 warn (_("Location list starting at offset 0x%lx is not terminated.\n"),
 (unsigned long) offset);
@@ -6759,7 +6765,7 @@ display_loc_list_dwo (struct dwarf_section *section,
 }
 SAFE_BYTE_GET_AND_INC (length, start, 2, section_end);
- if (start + length > section_end)
+ if (length > (size_t) (section_end - start))
 {
 warn (_("Location list starting at offset 0x%lx is not terminated.\n"),
 (unsigned long) offset); |
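Review bot: In display_loclists_list the new pre-read test `if (start == section_end)` catches only exact exhaustion, so a `start` that has already moved past `section_end` falls through to READ_ULEB and then to `length > (size_t) (section_end - start)`, where the negative difference wraps to a large value and the length is accepted. Unless code outside the hunk rules that out, `if (start >= section_end)` costs nothing and fails closed. The added length check also reuses the "is not terminated" text, so an over-long expression length cannot be told apart in the output from a truncated list; a separate message would make malformed-input reports easier to triage. The function body starts and ends outside the hunk.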