diff options
| author | Tom de Vries <tdevries@suse.de> | 2022-10-14 21:22:57 +0200 |
|---|---|---|
| committer | Tom de Vries <tdevries@suse.de> | 2022-10-14 21:22:57 +0200 |
| commit | 8e94bb3e3a478544c0d8abfad8404af015f7130b (patch) | |
| tree | ff05a8202dbedfba16304050e8fb607446041ad4 /gdb/testsuite/lib | |
| parent | 7c635f3e61e014d713f7fc884215576187fda038 (diff) | |
| download | gdb-8e94bb3e3a478544c0d8abfad8404af015f7130b.zip gdb-8e94bb3e3a478544c0d8abfad8404af015f7130b.tar.gz gdb-8e94bb3e3a478544c0d8abfad8404af015f7130b.tar.bz2 | |
[gdb] Fix heap-buffer-overflow in find_program_interpreter
With the test-case included in this patch, we run into:
...
(gdb) target remote localhost:2347^M
`target:twice-connect' has disappeared; keeping its symbols.^M
Remote debugging using localhost:2347^M
warning: Unable to find dynamic linker breakpoint function.^M
GDB will be unable to debug shared library initializers^M
and track explicitly loaded dynamic code.^M
Reading /usr/lib/debug/.build-id/$hex/$hex.debug from remote target...^M
0x00007ffff7dd4550 in ?? ()^M
(gdb) PASS: gdb.server/twice-connect.exp: session=second: gdbserver started
FAIL: gdb.server/twice-connect.exp: found interpreter
...
The problem originates in find_program_interpreter, where
bfd_get_section_contents is called to read .interp, but fails. The function
returns false but the result is ignored, so find_program_interpreter returns
some random string.
Fix this by checking the result of the call to bfd_get_section_contents.
Tested on x86_64-linux.
Bug: https://sourceware.org/bugzilla/show_bug.cgi?id=29652
Diffstat (limited to 'gdb/testsuite/lib')
| -rw-r--r-- | gdb/testsuite/lib/gdbserver-support.exp | 7 |
1 files changed, 6 insertions, 1 deletions
diff --git a/gdb/testsuite/lib/gdbserver-support.exp b/gdb/testsuite/lib/gdbserver-support.exp index 08e529f..3f2cec2 100644 --- a/gdb/testsuite/lib/gdbserver-support.exp +++ b/gdb/testsuite/lib/gdbserver-support.exp @@ -48,7 +48,7 @@ # the connection message in order for the procedure to succeed. # proc gdb_target_cmd_ext { targetname serialport {additional_text ""} } { - global gdb_prompt + global gdb_prompt gdb_target_remote_cmd_msg set serialport_re [string_to_regexp $serialport] for {set i 1} {$i <= 3} {incr i} { @@ -73,22 +73,27 @@ proc gdb_target_cmd_ext { targetname serialport {additional_text ""} } { } -re "Remote MIPS debugging.*$additional_text.*$gdb_prompt" { verbose "Set target to $targetname" + set gdb_target_remote_cmd_msg $expect_out(buffer) return 0 } -re "Remote debugging using .*$serialport_re.*$additional_text.*$gdb_prompt $" { verbose "Set target to $targetname" + set gdb_target_remote_cmd_msg $expect_out(buffer) return 0 } -re "Remote debugging using stdio.*$additional_text.*$gdb_prompt $" { verbose "Set target to $targetname" + set gdb_target_remote_cmd_msg $expect_out(buffer) return 0 } -re "Remote target $targetname connected to.*$additional_text.*$gdb_prompt $" { verbose "Set target to $targetname" + set gdb_target_remote_cmd_msg $expect_out(buffer) return 0 } -re "Connected to.*$additional_text.*$gdb_prompt $" { verbose "Set target to $targetname" + set gdb_target_remote_cmd_msg $expect_out(buffer) return 0 } -re "Ending remote.*$gdb_prompt $" { } |