public inbox for gdb-cvs@sourceware.org
* [binutils-gdb] gdb/source.c: Fix undefined behaviour dereferencing empty string
@ 2022-09-24  8:56 Magne Hov
  0 siblings, 0 replies; only message in thread
From: Magne Hov @ 2022-09-24  8:56 UTC (permalink / raw)
  To: gdb-cvs

https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=7f2415858349f0e1eed6f8cfcb0165ed2f3c14bf

commit 7f2415858349f0e1eed6f8cfcb0165ed2f3c14bf
Author: Magne Hov <mhov@undo.io>
Date:   Sat Sep 24 09:35:50 2022 +0100

    gdb/source.c: Fix undefined behaviour dereferencing empty string
    
    When a source file's dirname is solely made up of directory separators
    we end up trying to dereference the last character of an empty string
    with std::string::back, which results in undefined behaviour. A typical
    use case where this can happen is when the root directory "/" is used as
    a compilation directory.
    
    With libstdc++.so.6.0.28 we get no out-of-bounds checks and the byte
    preceding the storage of the empty string is returned. The character
    value of this byte depends on heap implementation and usage, but when
    this byte happens to hold the value of the directory separator character
    we go on to call std::string::pop_back on the empty string which results
    in an out_of_range exception which terminates GDB.
    
    Fix this by using path_join. prepare_path_for_appending ensures that the
    filename component is relative.
    
    The testsuite has been run before and after the change and no
    regressions were found.

Diff:
---
 gdb/source.c | 10 +---------
 1 file changed, 1 insertion(+), 9 deletions(-)

diff --git a/gdb/source.c b/gdb/source.c
index 3f498d552c4..25ad1ecb3da 100644
--- a/gdb/source.c
+++ b/gdb/source.c
@@ -1146,15 +1146,7 @@ find_and_open_source (const char *filename,
 	 helpful if part of the compilation directory was removed,
 	 e.g. using gcc's -fdebug-prefix-map, and we have added the missing
 	 prefix to source_path.  */
-      std::string cdir_filename (dirname);
-
-      /* Remove any trailing directory separators.  */
-      while (IS_DIR_SEPARATOR (cdir_filename.back ()))
-	cdir_filename.pop_back ();
-
-      /* Add our own directory separator.  */
-      cdir_filename.append (SLASH_STRING);
-      cdir_filename.append (filename_start);
+      std::string cdir_filename = path_join (dirname, filename_start);
 
       result = openp (path, OPF_SEARCH_IN_PATH | OPF_RETURN_REALPATH,
 		      cdir_filename.c_str (), OPEN_MODE, fullname);
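Review bot: the new `path_join (dirname, filename_start)` line replaces the only comments that explained how the directory and file name are combined, and the diffstat shows gdb/source.c as the sole file changed, so no regression test comes with the fix. The call is only correct if filename_start is relative, which the commit message says is ensured by prepare_path_for_appending outside this hunk. A one-line comment above the call stating that precondition, and that path_join is relied on to handle a dirname consisting only of directory separators, would keep the invariant visible to the next reader. A test that uses "/" as the compilation directory, the case named in the commit message, would keep the empty-string dereference from being reintroduced.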
