From 868b375a3021d759c15f5bcbaeb6c0f29603f497 Mon Sep 17 00:00:00 2001 From: Nick Clifton Date: Wed, 8 Nov 2000 22:53:32 +0000 Subject: Increase length of xmalloc'ed buffer in order to avoid buffer overflows. --- gas/ChangeLog | 5 +++ gas/stabs.c | 100 ++++++++++++++++++++++++++++++++-------------------------- 2 files changed, 60 insertions(+), 45 deletions(-) diff --git a/gas/ChangeLog b/gas/ChangeLog index ce918a5..e9313a5 100644 --- a/gas/ChangeLog +++ b/gas/ChangeLog @@ -1,3 +1,8 @@ +2000-11-07 Nick Clifton + + * stabs.c (generate_asm_file): Increase length of xmalloc'ed + buffer in order to avoid buffer overflows. + 2000-11-02 Theo Honohan * config/tc-arm.c (do_msr): Improve error message. diff --git a/gas/stabs.c b/gas/stabs.c index 7c13c2f..d88fd0a 100644 --- a/gas/stabs.c +++ b/gas/stabs.c @@ -1,5 +1,5 @@ /* Generic stabs parsing for gas. - Copyright (C) 1989, 90, 91, 93, 94, 95, 96, 97, 98, 1999 + Copyright (C) 1989, 90, 91, 93, 94, 95, 96, 97, 98, 99, 2000 Free Software Foundation, Inc. This file is part of GAS, the GNU Assembler. @@ -17,7 +17,7 @@ the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with GAS; see the file COPYING. If not, write to the Free Software Foundation, 59 Temple Place - Suite 330, Boston, MA -02111-1307, USA. */ +02111-1307, USA. */ #include "as.h" #include "obstack.h" @@ -25,7 +25,7 @@ Software Foundation, 59 Temple Place - Suite 330, Boston, MA #include "ecoff.h" /* We need this, despite the apparent object format dependency, since - it defines stab types, which all object formats can use now. */ + it defines stab types, which all object formats can use now. */ #include "aout/stab_gnu.h" @@ -112,7 +112,7 @@ get_stab_string_offset (string, stabstr_secname) } if (length > 0) - { /* Ordinary case. */ + { /* Ordinary case. */ p = frag_more (length + 1); strcpy (p, string); @@ -172,9 +172,9 @@ aout_process_stab (what, string, type, other, desc) #endif /* This can handle different kinds of stabs (s,n,d) and different - kinds of stab sections. */ + kinds of stab sections. */ -static void +static void s_stab_generic (what, stab_secname, stabstr_secname) int what; char *stab_secname; @@ -384,7 +384,7 @@ s_stab_generic (what, stab_secname, stabstr_secname) demand_empty_rest_of_line (); } -/* Regular stab directive. */ +/* Regular stab directive. */ void s_stab (what) @@ -393,7 +393,7 @@ s_stab (what) s_stab_generic (what, STAB_SECTION_NAME, STAB_STRING_SECTION_NAME); } -/* "Extended stabs", used in Solaris only now. */ +/* "Extended stabs", used in Solaris only now. */ void s_xstab (what) @@ -439,9 +439,9 @@ s_xstab (what) /* Frob invented at RMS' request. Set the n_desc of a symbol. */ -void +void s_desc (ignore) - int ignore; + int ignore ATTRIBUTE_UNUSED; { char *name; char c; @@ -498,52 +498,62 @@ generate_asm_file (type, file) static char *last_file; static int label_count; char *hold; - char *buf = xmalloc (2 * strlen (file) + 10); char sym[30]; - + char *buf; + char *tmp = file; + char *endp = file + strlen (file); + char *bufp = buf; + + if (last_file != NULL + && strcmp (last_file, file) == 0) + return; + /* Rather than try to do this in some efficient fashion, we just generate a string and then parse it again. That lets us use the existing stabs hook, which expect to see a string, rather than inventing new ones. */ - hold = input_line_pointer; - if (last_file == NULL - || strcmp (last_file, file) != 0) - { - char *tmp = file; - char *endp = file + strlen(file); - char *bufp = buf; - - sprintf (sym, "%sF%d", FAKE_LABEL_NAME, label_count); - ++label_count; - - *bufp++ = '"'; - while (tmp < endp) - { - char *bslash = strchr (tmp, '\\'); - int len = (bslash ? (bslash - tmp + 1) : strlen (tmp)); - /* double all backslashes, since demand_copy_C_string (used by - s_stab to extract the part in quotes) will try to replace them as - escape sequences. backslash may appear in a filespec. */ - strncpy (bufp, tmp, len); - tmp += len; - bufp += len; - if (bslash != NULL) - *bufp++ = '\\'; - } - sprintf (bufp, "\",%d,0,0,%s\n", type, sym); - input_line_pointer = buf; - s_stab ('s'); - colon (sym); + sprintf (sym, "%sF%d", FAKE_LABEL_NAME, label_count); + ++label_count; + + /* Allocate enough space for the file name (possibly extended with + doubled up backslashes), the symbol name, and the other characters + that make up a stabs file directive. */ + bufp = buf = xmalloc (2 * strlen (file) + strlen (sym) + 12); + + *bufp++ = '"'; - if (last_file != NULL) - free (last_file); - last_file = xstrdup (file); + while (tmp < endp) + { + char *bslash = strchr (tmp, '\\'); + int len = (bslash ? (bslash - tmp + 1) : strlen (tmp)); + + /* Double all backslashes, since demand_copy_C_string (used by + s_stab to extract the part in quotes) will try to replace them as + escape sequences. backslash may appear in a filespec. */ + strncpy (bufp, tmp, len); + + tmp += len; + bufp += len; + + if (bslash != NULL) + *bufp++ = '\\'; } - input_line_pointer = hold; + sprintf (bufp, "\",%d,0,0,%s\n", type, sym); + + input_line_pointer = buf; + s_stab ('s'); + colon (sym); + + if (last_file != NULL) + free (last_file); + last_file = xstrdup (file); + free (buf); + + input_line_pointer = hold; } /* Generate stabs debugging information for the current line. This is -- cgit v1.1