diff options
| author | Tom Tromey <tom@tromey.com> | 2021-12-26 13:49:22 -0700 |
|---|---|---|
| committer | Tom Tromey <tom@tromey.com> | 2022-01-06 08:37:19 -0700 |
| commit | 5bd1d4c158953c17ad33fdb34c0919f2b32ddc45 (patch) | |
| tree | d35e4f9c4e03f6b90e15ec182c2c2883b3f84971 /gdb/windows-tdep.c | |
| parent | 5220f61a22a0c1a84403725532d6359aaeb3d2fa (diff) | |
| download | gdb-5bd1d4c158953c17ad33fdb34c0919f2b32ddc45.zip gdb-5bd1d4c158953c17ad33fdb34c0919f2b32ddc45.tar.gz gdb-5bd1d4c158953c17ad33fdb34c0919f2b32ddc45.tar.bz2 | |
Clean up some dead code in windows-tdep.c
windows-tdep.c checks the result of xmalloc, which isn't necessary. I
initially removed this dead check, but then went a bit further and
modified the code so that some "goto"s and explicit memory management
could be removed. Then, I added a couple of missing bounds checks.
I believe this also fixes a possible bug with a missing 0-termination
of a string. I am not certain, but that is why I think the existing
code allocates a buffer that is 1 byte too long -- but then it fails
to set this byte to 0.
Diffstat (limited to 'gdb/windows-tdep.c')
| -rw-r--r-- | gdb/windows-tdep.c | 44 |
1 files changed, 20 insertions, 24 deletions
diff --git a/gdb/windows-tdep.c b/gdb/windows-tdep.c index 6168904..78984d6 100644 --- a/gdb/windows-tdep.c +++ b/gdb/windows-tdep.c @@ -1112,54 +1112,50 @@ core_process_module_section (bfd *abfd, asection *sect, void *obj) size_t module_name_offset; CORE_ADDR base_addr; - gdb_byte *buf = NULL; - if (!startswith (sect->name, ".module")) return; - buf = (gdb_byte *) xmalloc (bfd_section_size (sect) + 1); - if (!buf) - { - printf_unfiltered ("memory allocation failed for %s\n", sect->name); - goto out; - } + gdb::byte_vector buf (bfd_section_size (sect) + 1); if (!bfd_get_section_contents (abfd, sect, - buf, 0, bfd_section_size (sect))) - goto out; - - + buf.data (), 0, bfd_section_size (sect))) + return; + /* We're going to treat part of the buffer as a string, so make sure + it is NUL-terminated. */ + buf.back () = 0; /* A DWORD (data_type) followed by struct windows_core_module_info. */ - data_type = extract_unsigned_integer (buf, 4, byte_order); + if (bfd_section_size (sect) < 4) + return; + data_type = extract_unsigned_integer (buf.data (), 4, byte_order); if (data_type == NOTE_INFO_MODULE) { - base_addr = extract_unsigned_integer (buf + 4, 4, byte_order); - module_name_size = extract_unsigned_integer (buf + 8, 4, byte_order); module_name_offset = 12; + if (bfd_section_size (sect) < module_name_offset) + return; + base_addr = extract_unsigned_integer (&buf[4], 4, byte_order); + module_name_size = extract_unsigned_integer (&buf[8], 4, byte_order); } else if (data_type == NOTE_INFO_MODULE64) { - base_addr = extract_unsigned_integer (buf + 4, 8, byte_order); - module_name_size = extract_unsigned_integer (buf + 12, 4, byte_order); module_name_offset = 16; + if (bfd_section_size (sect) < module_name_offset) + return; + base_addr = extract_unsigned_integer (&buf[4], 8, byte_order); + module_name_size = extract_unsigned_integer (&buf[12], 4, byte_order); } else - goto out; + return; if (module_name_offset + module_name_size > bfd_section_size (sect)) - goto out; - module_name = (char *) buf + module_name_offset; + return; + module_name = (char *) buf.data () + module_name_offset; /* The first module is the .exe itself. */ if (data->module_count != 0) windows_xfer_shared_library (module_name, base_addr, NULL, data->gdbarch, data->obstack); data->module_count++; - -out: - xfree (buf); - return; } ULONGEST |