[PATCH] libdw: Fix memory corruption in libdw_find_split_unit.

[PATCH] libdw: Fix memory corruption in libdw_find_split_unit.

[Mark Wielaard]

Found by valgrind when trying to match a split unit from a .dwo file
that doesn't contain the split unit (as first) match. We would close
the split Dwarf too early, before we had inspected all units in it.

Add a testcase that simulates this. Which failed (at least under valgrind
as run by make distcheck) before the fix.

Signed-off-by: Mark Wielaard <mark@klomp.org>
---
 libdw/ChangeLog                |  5 +++++
 libdw/libdw_find_split_unit.c  | 11 +++++------
 src/ChangeLog                  |  5 +++++
 src/readelf.c                  |  2 +-
 tests/ChangeLog                |  6 ++++++
 tests/Makefile.am              |  5 +++--
 tests/run-readelf-info-plus.sh | 31 +++++++++++++++++++++++++++++++
 7 files changed, 56 insertions(+), 9 deletions(-)
 create mode 100755 tests/run-readelf-info-plus.sh

diff --git a/libdw/ChangeLog b/libdw/ChangeLog
index 22712f1..d187930 100644
--- a/libdw/ChangeLog
+++ b/libdw/ChangeLog
@@ -1,3 +1,8 @@
+2018-05-28  Mark Wielaard  <mark@klomp.org>
+
+	* libdw_find_split_unit.c (__libdw_find_split_unit): End split_dwarf
+	only after we tried every unit id in it.
+
 2018-04-07  Mark Wielaard  <mark@klomp.org>
 
 	* libdwP.h (struct Dwarf_CU): Add locs_base.
diff --git a/libdw/libdw_find_split_unit.c b/libdw/libdw_find_split_unit.c
index fcfc46e..d6527e0 100644
--- a/libdw/libdw_find_split_unit.c
+++ b/libdw/libdw_find_split_unit.c
@@ -94,14 +94,13 @@ __libdw_find_split_unit (Dwarf_CU *cu)
 			      elf_cntl (split_dwarf->elf, ELF_C_FDDONE);
 			      break;
 			    }
-
-			  if (cu->split == (Dwarf_CU *) -1)
-			    dwarf_end (split_dwarf);
 			}
-		      /* Always close, because we don't want to run
-			 out of file descriptors.  See also the
-			 elf_fcntl ELF_C_FDDONE call above.  */
+		      if (cu->split == (Dwarf_CU *) -1)
+			dwarf_end (split_dwarf);
 		    }
+		  /* Always close, because we don't want to run
+		     out of file descriptors.  See also the
+		     elf_fcntl ELF_C_FDDONE call above.  */
 		  close (split_fd);
 		}
 	      free (dwo_path);
diff --git a/src/ChangeLog b/src/ChangeLog
index 545fb50..b6f66bd 100644
--- a/src/ChangeLog
+++ b/src/ChangeLog
@@ -1,3 +1,8 @@
+2018-05-28  Mark Wielaard  <mark@klomp.org>
+
+	* readelf.c (print_debug_units): Turn "Could not find split compile
+	unit" into an Warning instead of an error.
+
 2018-04-29  Mark Wielaard  <mark@klomp.org>
 
 	* readelf.c (parse_opt): Request implicit section_info for "str".
diff --git a/src/readelf.c b/src/readelf.c
index be9fe88..bfa1d16 100644
--- a/src/readelf.c
+++ b/src/readelf.c
@@ -7668,7 +7668,7 @@ print_debug_units (Dwfl_Module *dwflmod,
 	  || dwarf_tag (&subdie) == DW_TAG_invalid)
 	{
 	  if (!silent)
-	    error (0, 0, gettext ("Could not find split compile unit"));
+	    fprintf (stderr, gettext ("Could not find split compile unit"));
 	}
       else
 	{
diff --git a/tests/ChangeLog b/tests/ChangeLog
index 7ac6bd3..4d69515 100644
--- a/tests/ChangeLog
+++ b/tests/ChangeLog
@@ -1,3 +1,9 @@
+2018-05-28  Mark Wielaard  <mark@klomp.org>
+
+	* run-readelf-info-plus.sh: New test.
+	* Makefile.am (TESTS): Add run-readelf-info-plus.sh.
+	(EXTRA_DIST): Likewise.
+
 2018-04-29  Mark Wielaard  <mark@klomp.org>
 
 	* run-readelf-addr.sh: New test.
diff --git a/tests/Makefile.am b/tests/Makefile.am
index 4cd0665..e935410 100644
--- a/tests/Makefile.am
+++ b/tests/Makefile.am
@@ -93,7 +93,7 @@ TESTS = run-arextract.sh run-arsymtest.sh run-ar.sh newfile test-nlist \
 	run-ranlib-test2.sh run-ranlib-test3.sh run-ranlib-test4.sh \
 	run-addrscopes.sh run-strings-test.sh run-funcscopes.sh \
 	run-find-prologues.sh run-allregs.sh run-addrcfi.sh \
-	run-nm-self.sh run-readelf-self.sh \
+	run-nm-self.sh run-readelf-self.sh run-readelf-info-plus.sh \
 	run-varlocs-self.sh run-exprlocs-self.sh \
 	run-readelf-test1.sh run-readelf-test2.sh run-readelf-test3.sh \
 	run-readelf-test4.sh run-readelf-twofiles.sh \
@@ -197,7 +197,8 @@ EXTRA_DIST = run-arextract.sh run-arsymtest.sh run-ar.sh \
 	     run-elflint-self.sh run-ranlib-test.sh run-ranlib-test2.sh \
 	     run-ranlib-test3.sh run-ranlib-test4.sh \
 	     run-addrscopes.sh run-strings-test.sh run-funcscopes.sh \
-	     run-nm-self.sh run-readelf-self.sh run-addrcfi.sh \
+	     run-nm-self.sh run-readelf-self.sh run-readelf-info-plus.sh \
+	     run-addrcfi.sh \
 	     run-varlocs-self.sh run-exprlocs-self.sh \
 	     run-find-prologues.sh run-allregs.sh run-native-test.sh \
 	     run-addrname-test.sh run-dwfl-bug-offline-rel.sh \
diff --git a/tests/run-readelf-info-plus.sh b/tests/run-readelf-info-plus.sh
new file mode 100755
index 0000000..ee1db02
--- /dev/null
+++ b/tests/run-readelf-info-plus.sh
@@ -0,0 +1,31 @@
+#! /bin/sh
+# Test for --debug-dump=info+ and finding split unit (in wrong file).
+# Copyright (C) 2018 Red Hat, Inc.
+# This file is part of elfutils.
+#
+# This file is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 3 of the License, or
+# (at your option) any later version.
+#
+# elfutils is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program.  If not, see <http://www.gnu.org/licenses/>.
+
+. $srcdir/test-subr.sh
+
+# see tests/testfile-dwarf-45.source
+testfiles testfile-splitdwarf-5
+testfiles testfile-world5.dwo
+
+# note, wrong file, renamed as if this contains the correct dwo...
+tempfiles testfile-hello5.dwo
+cp testfile-world5.dwo testfile-hello5.dwo
+
+testrun ${abs_top_builddir}/src/readelf --debug-dump=info+ testfile-splitdwarf-5
+
+exit 0
-- 
1.8.3.1

Re: [PATCH] libdw: Fix memory corruption in libdw_find_split_unit.

[Mark Wielaard]

On Mon, 2018-05-28 at 17:33 +0200, Mark Wielaard wrote:
> Found by valgrind when trying to match a split unit from a .dwo file
> that doesn't contain the split unit (as first) match. We would close
> the split Dwarf too early, before we had inspected all units in it.
> 
> Add a testcase that simulates this. Which failed (at least under valgrind
> as run by make distcheck) before the fix.

Pushed to master.