From: Nick Alcock
To: Hans-Peter Nilsson
Cc: binutils@sourceware.org
Subject: Re: [PATCH 5/8] libctf: don't dereference out-of-bounds locations in the qualifier hashtab
References: <20210324012158.35472-1-nick.alcock@oracle.com> <20210324012158.35472-5-nick.alcock@oracle.com>
Date: Thu, 25 Mar 2021 15:53:41 +0000
In-Reply-To: (Hans-Peter Nilsson's message of "Wed, 24 Mar 2021 20:02:06 -0400 (EDT)")
Message-ID: <8735wjgrga.fsf@esperi.org.uk>

On 25 Mar 2021, Hans-Peter Nilsson uttered the following: > On Wed, 24 Mar 2021, Nick Alcock via Binutils wrote: > >> diff --git a/libctf/ctf-lookup.c b/libctf/ctf-lookup.c >> index 9d1e6d8a4a2..e50c868c5b8 100644
>> --- a/libctf/ctf-lookup.c >> +++ b/libctf/ctf-lookup.c >> @@ -111,10 +111,13 @@ isqualifier (const char *s, size_t len) >> }; >> >> int h = s[len - 1] + (int) len - 105; >> + >> + if (h < 0 || (size_t) h >= sizeof (qhash) / sizeof (qhash[0])) >> + return 0; >> + >> const struct qual *qp = &qhash[h]; > > Do we allow C99 these days? In recent messages I got the > impression that we're still battling with pre-C90 artefacts. > > If not, watch out for the declaration-after-statement there. We have declaration-after-statements all over libctf, so if people really do try to compile with a pre-C99 compiler, we'll know (and I'll fix them all then and growl loudly). For that matter there are also some in bfd, so it's not just me. (But this one is totally gratuitous and doesn't even improve clarity, so I'll fix it :) ) -- NULL && (void)
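
Review bot: The new range check on `h` runs only after `int h = s[len - 1] + (int) len - 105;` has already read `s[len - 1]`, and the hunk shows no guard on `len`, so a zero `len` would index one byte before `s` before the check can reject anything. If no caller-side guarantee exists, return 0 for `len == 0` ahead of computing `h`, or document the precondition in a comment on `isqualifier`. The `h < 0` half of the test is worth a short comment as well, since it is what covers a negative `s[len - 1]` on targets where plain `char` is signed. As raised in the thread, `const struct qual *qp = &qhash[h];` now follows a statement; declaring `qp` next to `h` and assigning it after the check keeps the function free of declaration-after-statement. The `sizeof (qhash) / sizeof (qhash[0])` bound tracks the table size automatically, which is the right choice over a literal count.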