public inbox for binutils-cvs@sourceware.org
From: Alan Modra <amodra@sourceware.org>
To: bfd-cvs@sourceware.org
Subject: [binutils-gdb] ubsan: dwarf2.c:2232:7: runtime error: index 16 out of bounds
Date: Wed, 12 Apr 2023 01:34:50 +0000 (GMT)
Message-ID: <20230412013450.68A183857029@sourceware.org>

https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=32011d23a879283d845993e9358f64a6e8aefa98

commit 32011d23a879283d845993e9358f64a6e8aefa98
Author: Alan Modra <amodra@gmail.com>
Date:   Wed Apr 12 09:30:26 2023 +0930

    ubsan: dwarf2.c:2232:7: runtime error: index 16 out of bounds
    
    Except it isn't out of bounds because space for a larger array has
    been allocated.
    
            * dwarf2.c (struct trie_leaf): Make ranges a C99 flexible array.
            (alloc_trie_leaf, insert_arange_in_trie): Adjust sizing.

Diff:
---
 bfd/dwarf2.c | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/bfd/dwarf2.c b/bfd/dwarf2.c
index d99508a96c7..b135ef09120 100644
--- a/bfd/dwarf2.c
+++ b/bfd/dwarf2.c
@@ -137,7 +137,7 @@ struct trie_leaf
   struct {
     struct comp_unit *unit;
     bfd_vma low_pc, high_pc;
-  } ranges[TRIE_LEAF_SIZE];
+  } ranges[];
 };
 
 struct trie_interior
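
Review bot: the `ranges[]` member of struct trie_leaf no longer carries a bound, and nothing at the declaration says where the capacity is recorded. A one-line comment on the member stating that the number of allocated entries is head.num_room_in_leaf would help the next reader. Since `sizeof (struct trie_leaf)` now covers zero ranges entries, it is also worth confirming that no allocation or copy outside the two functions named in the ChangeLog still relies on the old size.
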
@@ -148,7 +148,9 @@ struct trie_interior
 
 static struct trie_node *alloc_trie_leaf (bfd *abfd)
 {
-  struct trie_leaf *leaf = bfd_zalloc (abfd, sizeof (struct trie_leaf));
+  struct trie_leaf *leaf;
+  size_t amt = sizeof (*leaf) + TRIE_LEAF_SIZE * sizeof (leaf->ranges[0]);
+  leaf = bfd_zalloc (abfd, amt);
   if (leaf == NULL)
     return NULL;
   leaf->head.num_room_in_leaf = TRIE_LEAF_SIZE;
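
Review bot: the sizing expression in alloc_trie_leaf, `sizeof (*leaf) + TRIE_LEAF_SIZE * sizeof (leaf->ranges[0])`, is written out again with a different count in insert_arange_in_trie. A small helper or macro that takes the entry count and returns the byte size would keep the two allocations from drifting apart if the struct changes again.
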
@@ -2207,9 +2209,7 @@ insert_arange_in_trie (bfd *abfd,
       const struct trie_leaf *leaf = (struct trie_leaf *) trie;
       unsigned int new_room_in_leaf = trie->num_room_in_leaf * 2;
       struct trie_leaf *new_leaf;
-      size_t amt = (sizeof (struct trie_leaf)
-		    + ((new_room_in_leaf - TRIE_LEAF_SIZE)
-		       * sizeof (leaf->ranges[0])));
+      size_t amt = sizeof (*leaf) + new_room_in_leaf * sizeof (leaf->ranges[0]);
       new_leaf = bfd_zalloc (abfd, amt);
       new_leaf->head.num_room_in_leaf = new_room_in_leaf;
       new_leaf->num_stored_in_leaf = leaf->num_stored_in_leaf;
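
Review bot: in insert_arange_in_trie, `new_leaf = bfd_zalloc (abfd, amt);` is followed directly by `new_leaf->head.num_room_in_leaf = new_room_in_leaf;` with no NULL test in the lines shown, unlike alloc_trie_leaf, which returns NULL when the allocation fails. Add the same check before the first store through new_leaf. The count also comes from `trie->num_room_in_leaf * 2` in unsigned int, so a guard against wraparound before computing amt would make the sizing robust for very large leaves.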
