From 918229560ce9db307532592047066eac0674190d Mon Sep 17 00:00:00 2001 From: Tom Tromey Date: Thu, 14 Nov 2013 11:09:14 -0700 Subject: off-by-one fix for py-linetable.c While digging into a different memory corruption error, I happened to notice one coming from the linetable code. In a couple of spots, the wrong termination condition was used in a loop, leading gdb to read one element past the end of the linetable. Built and regtested on x86-64 Fedora 18. Also verified using valgrind. I'm checking this in. 2013-11-14 Tom Tromey * python/py-linetable.c (ltpy_has_line) (ltpy_get_all_source_lines): Fix loop termination condition. --- gdb/ChangeLog | 5 +++++ gdb/python/py-linetable.c | 4 ++-- 2 files changed, 7 insertions(+), 2 deletions(-) diff --git a/gdb/ChangeLog b/gdb/ChangeLog index 8cbe4a4..a9afe02 100644 --- a/gdb/ChangeLog +++ b/gdb/ChangeLog @@ -1,3 +1,8 @@ +2013-11-14 Tom Tromey + + * python/py-linetable.c (ltpy_has_line) + (ltpy_get_all_source_lines): Fix loop termination condition. + 2013-11-14 Joel Brobecker * mi/mi-parse.h (struct mi_parse) : New field. diff --git a/gdb/python/py-linetable.c b/gdb/python/py-linetable.c index 8c01a0ee..e0449a6 100644 --- a/gdb/python/py-linetable.c +++ b/gdb/python/py-linetable.c @@ -215,7 +215,7 @@ ltpy_has_line (PyObject *self, PyObject *args) return NULL; } - for (index = 0; index <= LINETABLE (symtab)->nitems; index++) + for (index = 0; index < LINETABLE (symtab)->nitems; index++) { struct linetable_entry *item = &(symtab->linetable->item[index]); if (item->line == py_line) @@ -252,7 +252,7 @@ ltpy_get_all_source_lines (PyObject *self, PyObject *args) if (source_dict == NULL) return NULL; - for (index = 0; index <= LINETABLE (symtab)->nitems; index++) + for (index = 0; index < LINETABLE (symtab)->nitems; index++) { item = &(LINETABLE (symtab)->item[index]); -- cgit v1.1