From: Ulf Hermann
Subject: [PATCH 1/2] Don't overflow in __libdw_in_section
To: elfutils-devel@sourceware.org
Date: Fri, 08 Dec 2017 14:44:00 -0000
This exposes a bug in dwarf_formstring as detected by the dwarf-getmacros test. We cannot unconditionally assume that a string is in either the IDX_debug_info or the IDX_debug_types section as determined by cu_sec_idx.

Change-Id: I6544d42b719587dd94330db484512bde6ce34e55
--- libdw/ChangeLog | 4 ++++ libdw/libdwP.h | 3 ++- 2 files changed, 6 insertions(+), 1 deletion(-) diff --git a/libdw/ChangeLog b/libdw/ChangeLog index 4375244..996cd2e 100644 --- a/libdw/ChangeLog +++ b/libdw/ChangeLog 
@@ -1,3 +1,7 @@ +2017-05-09 Ulf Hermann + + * libdwP.h: Fix check for the upper border of the range in __libdw_in_section. + 2017-11-03 Mark Wielaard * dwarf_getlocation.c (__libdw_intern_expression): Handle diff --git a/libdw/libdwP.h b/libdw/libdwP.h index 78c0013..e092d8e 100644 --- a/libdw/libdwP.h +++ b/libdw/libdwP.h @@ -643,7 +643,8 @@ __libdw_in_section (Dwarf *dbg, int sec_index, if (data == NULL) return false; if (unlikely (addr < data->d_buf) - || unlikely (data->d_size - (addr - data->d_buf) < size)) + || unlikely (data->d_size < size) + || unlikely ((size_t)(addr - data->d_buf) > data->d_size - size)) { __libdw_seterrno (DWARF_E_INVALID_OFFSET); return false; -- 2.8.1.windows.1
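Review bot: The new libdw/ChangeLog entry is dated 2017-05-09 but is placed above the 2017-11-03 entry and is posted on 8 Dec 2017, so the file is no longer in reverse date order; refresh the date when the patch is applied. The entry would also be easier to search if it named the function in the form the neighbouring entry uses, `* libdwP.h (__libdw_in_section): ...`, matching `dwarf_getlocation.c (__libdw_intern_expression)`.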
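Review bot: The rewritten bounds test in the libdw/libdwP.h hunk is correct only because of the order of its three clauses, and nothing in the code says so. `data->d_size - size` cannot wrap only because `data->d_size < size` is rejected first, and the `(size_t)` cast of `addr - data->d_buf` is safe only after `addr < data->d_buf` has been ruled out. A short comment above the condition stating this would keep a later cleanup from reordering the clauses or folding them back into `data->d_size - (addr - data->d_buf) < size`, the form the subject line describes as overflowing. Separately, the commit message says this stricter check makes the dwarf-getmacros test fail through dwarf_formstring; the dwarf_formstring fix should land before this change or in the same commit so that every commit in the series passes the test suite.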