From mboxrd@z Thu Jan 1 00:00:00 1970
Content-Type: multipart/mixed; boundary="===============1395893540285683067=="
MIME-Version: 1.0
From: Mark Wielaard
To: elfutils-devel@lists.fedorahosted.org
Subject: Re: [PATCH] libdw: Don't overflow stack with user defined macro attributes array.
Date: Tue, 21 Apr 2015 20:32:21 +0200
Message-ID: <20150421183221.GB2488@blokker.redhat.com>
In-Reply-To: 87vbgpr26a.fsf@gmail.com

--===============1395893540285683067==
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable

On Tue, Apr 21, 2015 at 04:22:53PM +0200, Petr Machata wrote:
> Mark Wielaard writes:
> >       for (Dwarf_Word i = 0; i < proto->nforms; ++i)
> >         {
>
> There's a return in this loop that needs free (attributesp) as well.

Oops. Missed that one. Fixed patch attached.

Thanks,

Mark

--===============1395893540285683067==
Content-Type: text/plain
MIME-Version: 1.0
Content-Transfer-Encoding: base64
Content-Disposition: attachment; filename="0001-libdw-Don-t-overflow-stack-with-user-defined-macro-a.patch"

--===============1395893540285683067==--