* [binutils-gdb] Fix a potential illegal memory access when displaying corrupt DWARF information.
@ 2023-04-11 14:59 Nick Clifton
From: Nick Clifton @ 2023-04-11 14:59 UTC (permalink / raw)
  To: bfd-cvs

https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=688fe114cd80e410dbed08064eaaedf5584d31cf

commit 688fe114cd80e410dbed08064eaaedf5584d31cf
Author: Nick Clifton <nickc@redhat.com>
Date:   Tue Apr 11 15:59:07 2023 +0100

    Fix a potential illegal memory access when displaying corrupt DWARF information.
    
      PR 30312
      * dwarf.c (prealloc_cu_tu_list): Always allocate at least one entry.

Diff:
---
 binutils/ChangeLog |  4 ++++
 binutils/dwarf.c   | 24 ++++++++++++++----------
 2 files changed, 18 insertions(+), 10 deletions(-)

diff --git a/binutils/ChangeLog b/binutils/ChangeLog
index f81f2308651..285b90c2a68 100644
--- a/binutils/ChangeLog
+++ b/binutils/ChangeLog
@@ -1,5 +1,9 @@
 2023-04-11  Nick Clifton  <nickc@redhat.com>
 
+	PR 30312
+	* dwarf.c (prealloc_cu_tu_list): Always allocate at least one
+	entry.
+
 	PR 30311
 	* readelf.c (uncompress_section_contents): Check for a
 	suspiciously large uncompressed size.
diff --git a/binutils/dwarf.c b/binutils/dwarf.c
index d08f01cab79..ab0a3caf632 100644
--- a/binutils/dwarf.c
+++ b/binutils/dwarf.c
@@ -10733,6 +10733,10 @@ display_gdb_index (struct dwarf_section *section,
 static void
 prealloc_cu_tu_list (unsigned int nshndx)
 {
+  if (nshndx == 0)
+    /* Always allocate at least one entry for the end-marker.  */
+    nshndx = 1;
+
   if (shndx_pool == NULL)
     {
       shndx_pool_size = nshndx;
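Review bot: The clamp `nshndx = 1` at the top of prealloc_cu_tu_list fixes the zero-count case by sizing the pool, but the stores into shndx_pool that the end-marker comment refers to are not guarded in anything visible here. If nshndx is taken from the index section of the file being displayed (the callers are outside this hunk, so this is inferred), a count that is non-zero but smaller than the number of entries later appended would still overrun the pool. A check of shndx_pool_used against shndx_pool_size at each write site would cover both cases. The function body continues past the end of this hunk.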
@@ -10797,7 +10801,7 @@ get_DW_SECT_short_name (unsigned int dw_sect)
    These sections are extensions for Fission.
    See http://gcc.gnu.org/wiki/DebugFissionDWP.  */
 
-static int
+static bool
 process_cu_tu_index (struct dwarf_section *section, int do_display)
 {
   unsigned char *phdr = section->start;
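Review bot: The switch of process_cu_tu_index from `int` to `bool` is not recorded in the commit message or the ChangeLog entry, which list only prealloc_cu_tu_list; a line such as `(process_cu_tu_index): Return bool.` would keep the fix for PR 30312 distinguishable from the refactor when backporting. The `do_display` parameter is still declared `int` although the visible hunks only test it as a flag, so `bool do_display` would match the new return type. The header comment above the function, partly visible here, does not say what the return value means. The `return false`/`return true` changes in the following hunks are the mechanical part of the same conversion, and the function body continues outside this hunk.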
@@ -10818,14 +10822,14 @@ process_cu_tu_index (struct dwarf_section *section, int do_display)
   if (phdr == NULL)
     {
       warn (_("Section %s is empty\n"), section->name);
-      return 0;
+      return false;
     }
   /* PR 17512: file: 002-376-0.004.  */
   if (section->size < 24)
     {
       warn (_("Section %s is too small to contain a CU/TU header\n"),
 	    section->name);
-      return 0;
+      return false;
     }
 
   phash = phdr;
@@ -10857,7 +10861,7 @@ process_cu_tu_index (struct dwarf_section *section, int do_display)
 		      "Section %s is too small for %u slots\n",
 		      nslots),
 	    section->name, nslots);
-      return 0;
+      return false;
     }
 
   if (version == 1)
@@ -10887,7 +10891,7 @@ process_cu_tu_index (struct dwarf_section *section, int do_display)
 		if (shndx_list < ppool)
 		  {
 		    warn (_("Section index pool located before start of section\n"));
-		    return 0;
+		    return false;
 		  }
 
 		printf (_("  [%3d] Signature:  %#" PRIx64 "  Sections: "),
@@ -10898,7 +10902,7 @@ process_cu_tu_index (struct dwarf_section *section, int do_display)
 		      {
 			warn (_("Section %s too small for shndx pool\n"),
 			      section->name);
-			return 0;
+			return false;
 		      }
 		    SAFE_BYTE_GET (shndx, shndx_list, 4, limit);
 		    if (shndx == 0)
@@ -10941,7 +10945,7 @@ process_cu_tu_index (struct dwarf_section *section, int do_display)
 	{
 	  warn (_("Section %s too small for offset and size tables\n"),
 		section->name);
-	  return 0;
+	  return false;
 	}
 
       if (do_display)
@@ -10989,7 +10993,7 @@ process_cu_tu_index (struct dwarf_section *section, int do_display)
 		{
 		  warn (_("Row index (%u) is larger than number of used entries (%u)\n"),
 			row, nused);
-		  return 0;
+		  return false;
 		}
 
 	      if (!do_display)
@@ -11074,7 +11078,7 @@ process_cu_tu_index (struct dwarf_section *section, int do_display)
 			printf ("\n");
 		      warn (_("Too many rows/columns in DWARF index section %s\n"),
 			    section->name);
-		      return 0;
+		      return false;
 		    }
 
 		  SAFE_BYTE_GET (val, p, 4, limit);
@@ -11106,7 +11110,7 @@ process_cu_tu_index (struct dwarf_section *section, int do_display)
   if (do_display)
       printf ("\n");
 
-  return 1;
+  return true;
 }
 
 static int cu_tu_indexes_read = -1; /* Tri-state variable.  */
