From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <elfutils-devel-return-6689-listarch-elfutils-devel=sourceware.org@sourceware.org>
Received: (qmail 99220 invoked by alias); 28 May 2018 15:33:58 -0000
Mailing-List: contact elfutils-devel-help@sourceware.org; run by ezmlm
Precedence: bulk
List-Id: <elfutils-devel.sourceware.org>
List-Post: <mailto:elfutils-devel@sourceware.org>
List-Help: <mailto:elfutils-devel-help@sourceware.org>
List-Subscribe: <mailto:elfutils-devel-subscribe@sourceware.org>
Sender: elfutils-devel-owner@sourceware.org
Received: (qmail 98714 invoked by uid 89); 28 May 2018 15:33:57 -0000
Authentication-Results: sourceware.org; auth=none
X-Virus-Checked: by ClamAV 0.99.4 on sourceware.org
X-Virus-Found: No
X-Spam-SWARE-Status: No, score=-26.9 required=5.0 tests=BAYES_00,GIT_PATCH_0,GIT_PATCH_1,GIT_PATCH_2,GIT_PATCH_3,KAM_SHORT,RCVD_IN_DNSWL_NONE,SPF_PASS autolearn=ham version=3.3.2 spammy=1978, inspected
X-Spam-Status: No, score=-26.9 required=5.0 tests=BAYES_00,GIT_PATCH_0,GIT_PATCH_1,GIT_PATCH_2,GIT_PATCH_3,KAM_SHORT,RCVD_IN_DNSWL_NONE,SPF_PASS autolearn=ham version=3.3.2
X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on sourceware.org
X-Spam-Level:
X-HELO: gnu.wildebeest.org
Received: from wildebeest.demon.nl (HELO gnu.wildebeest.org) (212.238.236.112) by sourceware.org (qpsmtpd/0.93/v0.84-503-g423c35a) with ESMTP; Mon, 28 May 2018 15:33:55 +0000
Received: from tarox.wildebeest.org (tarox.wildebeest.org [172.31.17.39])	(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))	(No client certificate requested)	by gnu.wildebeest.org (Postfix) with ESMTPSA id 3027530008B6;	Mon, 28 May 2018 17:33:53 +0200 (CEST)
Received: by tarox.wildebeest.org (Postfix, from userid 1000)	id 1EB2C413CB92; Mon, 28 May 2018 17:33:53 +0200 (CEST)
From: Mark Wielaard <mark@klomp.org>
To: elfutils-devel@sourceware.org
Cc: Mark Wielaard <mark@klomp.org>
Subject: [PATCH] libdw: Fix memory corruption in libdw_find_split_unit.
Date: Mon, 28 May 2018 15:33:00 -0000
Message-Id: <1527521631-27551-1-git-send-email-mark@klomp.org>
X-Mailer: git-send-email 1.8.3.1
X-Spam-Flag: NO
X-IsSubscribed: yes
X-SW-Source: 2018-q2/txt/msg00096.txt.bz2

Found by valgrind when trying to match a split unit from a .dwo file
that doesn't contain the split unit (as first) match. We would close
the split Dwarf too early, before we had inspected all units in it.

Add a testcase that simulates this. Which failed (at least under valgrind
as run by make distcheck) before the fix.

Signed-off-by: Mark Wielaard <mark@klomp.org>
---
 libdw/ChangeLog                |  5 +++++
 libdw/libdw_find_split_unit.c  | 11 +++++------
 src/ChangeLog                  |  5 +++++
 src/readelf.c                  |  2 +-
 tests/ChangeLog                |  6 ++++++
 tests/Makefile.am              |  5 +++--
 tests/run-readelf-info-plus.sh | 31 +++++++++++++++++++++++++++++++
 7 files changed, 56 insertions(+), 9 deletions(-)
 create mode 100755 tests/run-readelf-info-plus.sh

diff --git a/libdw/ChangeLog b/libdw/ChangeLog
index 22712f1..d187930 100644
--- a/libdw/ChangeLog
+++ b/libdw/ChangeLog
@@ -1,3 +1,8 @@
+2018-05-28  Mark Wielaard  <mark@klomp.org>
+
+	* libdw_find_split_unit.c (__libdw_find_split_unit): End split_dwarf
+	only after we tried every unit id in it.
+
 2018-04-07  Mark Wielaard  <mark@klomp.org>
 
 	* libdwP.h (struct Dwarf_CU): Add locs_base.
diff --git a/libdw/libdw_find_split_unit.c b/libdw/libdw_find_split_unit.c
index fcfc46e..d6527e0 100644
--- a/libdw/libdw_find_split_unit.c
+++ b/libdw/libdw_find_split_unit.c
@@ -94,14 +94,13 @@ __libdw_find_split_unit (Dwarf_CU *cu)
 			      elf_cntl (split_dwarf->elf, ELF_C_FDDONE);
 			      break;
 			    }
-
-			  if (cu->split == (Dwarf_CU *) -1)
-			    dwarf_end (split_dwarf);
 			}
-		      /* Always close, because we don't want to run
-			 out of file descriptors.  See also the
-			 elf_fcntl ELF_C_FDDONE call above.  */
+		      if (cu->split == (Dwarf_CU *) -1)
+			dwarf_end (split_dwarf);
 		    }
+		  /* Always close, because we don't want to run
+		     out of file descriptors.  See also the
+		     elf_fcntl ELF_C_FDDONE call above.  */
 		  close (split_fd);
 		}
 	      free (dwo_path);
diff --git a/src/ChangeLog b/src/ChangeLog
index 545fb50..b6f66bd 100644
--- a/src/ChangeLog
+++ b/src/ChangeLog
@@ -1,3 +1,8 @@
+2018-05-28  Mark Wielaard  <mark@klomp.org>
+
+	* readelf.c (print_debug_units): Turn "Could not find split compile
+	unit" into an Warning instead of an error.
+
 2018-04-29  Mark Wielaard  <mark@klomp.org>
 
 	* readelf.c (parse_opt): Request implicit section_info for "str".
diff --git a/src/readelf.c b/src/readelf.c
index be9fe88..bfa1d16 100644
--- a/src/readelf.c
+++ b/src/readelf.c
@@ -7668,7 +7668,7 @@ print_debug_units (Dwfl_Module *dwflmod,
 	  || dwarf_tag (&subdie) == DW_TAG_invalid)
 	{
 	  if (!silent)
-	    error (0, 0, gettext ("Could not find split compile unit"));
+	    fprintf (stderr, gettext ("Could not find split compile unit"));
 	}
       else
 	{
diff --git a/tests/ChangeLog b/tests/ChangeLog
index 7ac6bd3..4d69515 100644
--- a/tests/ChangeLog
+++ b/tests/ChangeLog
@@ -1,3 +1,9 @@
+2018-05-28  Mark Wielaard  <mark@klomp.org>
+
+	* run-readelf-info-plus.sh: New test.
+	* Makefile.am (TESTS): Add run-readelf-info-plus.sh.
+	(EXTRA_DIST): Likewise.
+
 2018-04-29  Mark Wielaard  <mark@klomp.org>
 
 	* run-readelf-addr.sh: New test.
diff --git a/tests/Makefile.am b/tests/Makefile.am
index 4cd0665..e935410 100644
--- a/tests/Makefile.am
+++ b/tests/Makefile.am
@@ -93,7 +93,7 @@ TESTS = run-arextract.sh run-arsymtest.sh run-ar.sh newfile test-nlist \
 	run-ranlib-test2.sh run-ranlib-test3.sh run-ranlib-test4.sh \
 	run-addrscopes.sh run-strings-test.sh run-funcscopes.sh \
 	run-find-prologues.sh run-allregs.sh run-addrcfi.sh \
-	run-nm-self.sh run-readelf-self.sh \
+	run-nm-self.sh run-readelf-self.sh run-readelf-info-plus.sh \
 	run-varlocs-self.sh run-exprlocs-self.sh \
 	run-readelf-test1.sh run-readelf-test2.sh run-readelf-test3.sh \
 	run-readelf-test4.sh run-readelf-twofiles.sh \
@@ -197,7 +197,8 @@ EXTRA_DIST = run-arextract.sh run-arsymtest.sh run-ar.sh \
 	     run-elflint-self.sh run-ranlib-test.sh run-ranlib-test2.sh \
 	     run-ranlib-test3.sh run-ranlib-test4.sh \
 	     run-addrscopes.sh run-strings-test.sh run-funcscopes.sh \
-	     run-nm-self.sh run-readelf-self.sh run-addrcfi.sh \
+	     run-nm-self.sh run-readelf-self.sh run-readelf-info-plus.sh \
+	     run-addrcfi.sh \
 	     run-varlocs-self.sh run-exprlocs-self.sh \
 	     run-find-prologues.sh run-allregs.sh run-native-test.sh \
 	     run-addrname-test.sh run-dwfl-bug-offline-rel.sh \
diff --git a/tests/run-readelf-info-plus.sh b/tests/run-readelf-info-plus.sh
new file mode 100755
index 0000000..ee1db02
--- /dev/null
+++ b/tests/run-readelf-info-plus.sh
@@ -0,0 +1,31 @@
+#! /bin/sh
+# Test for --debug-dump=info+ and finding split unit (in wrong file).
+# Copyright (C) 2018 Red Hat, Inc.
+# This file is part of elfutils.
+#
+# This file is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 3 of the License, or
+# (at your option) any later version.
+#
+# elfutils is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program.  If not, see <http://www.gnu.org/licenses/>.
+
+. $srcdir/test-subr.sh
+
+# see tests/testfile-dwarf-45.source
+testfiles testfile-splitdwarf-5
+testfiles testfile-world5.dwo
+
+# note, wrong file, renamed as if this contains the correct dwo...
+tempfiles testfile-hello5.dwo
+cp testfile-world5.dwo testfile-hello5.dwo
+
+testrun ${abs_top_builddir}/src/readelf --debug-dump=info+ testfile-splitdwarf-5
+
+exit 0
-- 
1.8.3.1