From: Alan Modra
To: bfd-cvs@sourceware.org
Subject: [binutils-gdb] ubsan: dwarf2.c:2232:7: runtime error: index 16 out of bounds
Date: Wed, 12 Apr 2023 01:34:50 +0000 (GMT)
Message-Id: <20230412013450.68A183857029@sourceware.org>
List-Id: Binutils-cvs mailing list
X-Act-Checkin: binutils-gdb
X-Git-Author: Alan Modra
X-Git-Refname: refs/heads/master
X-Git-Oldrev: c10adfbb15a7e7d94f55cb012ed7c0ddef4156be
X-Git-Newrev: 32011d23a879283d845993e9358f64a6e8aefa98

https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=32011d23a879283d845993e9358f64a6e8aefa98

commit 32011d23a879283d845993e9358f64a6e8aefa98
Author: Alan Modra
Date:   Wed Apr 12 09:30:26 2023 +0930

    ubsan: dwarf2.c:2232:7: runtime error: index 16 out of bounds

    Except it isn't out of bounds because space for a larger array has
    been allocated.

            * dwarf2.c (struct trie_leaf): Make ranges a C99 flexible array.
            (alloc_trie_leaf, insert_arange_in_trie): Adjust sizing.

Diff:
---
 bfd/dwarf2.c | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/bfd/dwarf2.c b/bfd/dwarf2.c index d99508a96c7..b135ef09120 100644 --- a/bfd/dwarf2.c +++ b/bfd/dwarf2.c @@ -137,7 +137,7 @@ struct trie_leaf struct { struct comp_unit *unit; bfd_vma low_pc, high_pc; - } ranges[TRIE_LEAF_SIZE]; + } ranges[]; }; =20 struct trie_interior 
@@ -148,7 +148,9 @@ struct trie_interior =20 static struct trie_node *alloc_trie_leaf (bfd *abfd) { - struct trie_leaf *leaf =3D bfd_zalloc (abfd, sizeof (struct trie_leaf)); + struct trie_leaf *leaf; + size_t amt =3D sizeof (*leaf) + TRIE_LEAF_SIZE * sizeof (leaf->ranges[0]= ); + leaf =3D bfd_zalloc (abfd, amt); if (leaf =3D=3D NULL) return NULL; leaf->head.num_room_in_leaf =3D TRIE_LEAF_SIZE; @@ -2207,9 +2209,7 @@ insert_arange_in_trie (bfd *abfd, const struct trie_leaf *leaf =3D (struct trie_leaf *) trie; unsigned int new_room_in_leaf =3D trie->num_room_in_leaf * 2; struct trie_leaf *new_leaf; - size_t amt =3D (sizeof (struct trie_leaf) - + ((new_room_in_leaf - TRIE_LEAF_SIZE) - * sizeof (leaf->ranges[0]))); + size_t amt =3D sizeof (*leaf) + new_room_in_leaf * sizeof (leaf->ran= ges[0]); new_leaf =3D bfd_zalloc (abfd, amt); new_leaf->head.num_room_in_leaf =3D new_room_in_leaf; new_leaf->num_stored_in_leaf =3D leaf->num_stored_in_leaf;
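
Review bot: In the struct trie_leaf hunk (@@ -137,7), the declaration of ranges[] no longer says how many elements a leaf holds, and nothing at the struct documents it. A short comment next to ranges[] stating that the allocated element count is head.num_room_in_leaf would make the invariant explicit for anyone indexing the array. Note also that sizeof (struct trie_leaf) now covers only the fields before ranges, so any code outside these hunks that sizes or copies a leaf with it needs the same adjustment made here.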
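
Review bot: In the alloc_trie_leaf hunk (@@ -148,7), the size expression sizeof (*leaf) + TRIE_LEAF_SIZE * sizeof (leaf->ranges[0]) is written out by hand and then repeated with a different count in insert_arange_in_trie. Consider a small helper that takes the element count and returns the leaf size, so the two allocation sites cannot drift apart the way the old "- TRIE_LEAF_SIZE" adjustment required them to be kept in step.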
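
Review bot: In the insert_arange_in_trie hunk (@@ -2207,9), new_leaf is dereferenced on the line immediately after new_leaf = bfd_zalloc (abfd, amt) with no NULL check, while alloc_trie_leaf in the same patch tests leaf == NULL before use. Since the allocation line is being rewritten anyway, add the same check here and fail the insertion when bfd_zalloc returns NULL, rather than writing new_leaf->head.num_room_in_leaf through a null pointer.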