From: Tom Tromey
To: gdb-cvs@sourceware.org
Subject: [binutils-gdb] Bounds check access to Ada task state names
X-Act-Checkin: binutils-gdb
X-Git-Author: Tom Tromey
X-Git-Refname: refs/heads/master
X-Git-Oldrev: 016c606c66ce4b98c220130b9046545b04254a4a
X-Git-Newrev: f978da64412f37228bba9f79b3c68b7c6917379c
Message-Id: <20221130154538.B1602385221F@sourceware.org>
Date: Wed, 30 Nov 2022 15:45:38 +0000 (GMT)

https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=f978da64412f37228bba9f79b3c68b7c6917379c

commit f978da64412f37228bba9f79b3c68b7c6917379c
Author: Tom Tromey
Date: Wed Nov 16 13:58:06 2022 -0700

    Bounds check access to Ada task state names

    While looking into Ada tasking a little, I noticed that no bounds
    checking is done on accesses to the Ada task state names arrays.
    This isn't a problem currently, but if the runtime ever added numbers
    -- or if there was some kind of runtime corruption -- it could cause a
    gdb crash.

    This patch adds range checking. It also adds a missing _() call when
    printing from the 'task_states' array.

Diff: --- gdb/ada-tasks.c | 33 +++++++++++++++++++++++++++++++-- 1 file changed, 31 insertions(+), 2 deletions(-) diff --git a/gdb/ada-tasks.c b/gdb/ada-tasks.c index 85d1aaccb06..fbf92041d94 100644 --- a/gdb/ada-tasks.c +++ b/gdb/ada-tasks.c
@@ -85,6 +85,20 @@ static const char * const task_states[] =3D { N_("Selective Wait") }; =20 +/* Return a string representing the task state. */ +static const char * +get_state (unsigned value) +{ + if (value >=3D 0 + && value <=3D ARRAY_SIZE (task_states) + && task_states[value][0] !=3D '\0') + return _(task_states[value]); + + static char buffer[100]; + xsnprintf (buffer, sizeof (buffer), _("Unknown task state: %d"), value); + return buffer; +} + /* A longer description corresponding to each possible task state. */ static const char * const long_task_states[] =3D { N_("Unactivated"), @@ -107,6 +121,21 @@ static const char * const long_task_states[] =3D { N_("Blocked in selective wait statement") }; =20 +/* Return a string representing the task state. This uses the long + descriptions. */ +static const char * +get_long_state (unsigned value) +{ + if (value >=3D 0 + && value <=3D ARRAY_SIZE (long_task_states) + && long_task_states[value][0] !=3D '\0') + return _(long_task_states[value]); + + static char buffer[100]; + xsnprintf (buffer, sizeof (buffer), _("Unknown task state: %d"), value); + return buffer; +} + /* The index of certain important fields in the Ada Task Control Block record and sub-records. */ =20 @@ -1182,7 +1211,7 @@ print_ada_task_info (struct ui_out *uiout, get_task_number_from_id (task_info->called_task, inf)); else - uiout->field_string ("state", task_states[task_info->state]); + uiout->field_string ("state", get_state (task_info->state)); =20 /* Finally, print the task name, without quotes around it, as mi like is not expecting quotes, and in non mi-like no need for quotes @@ -1276,7 +1305,7 @@ info_task (struct ui_out *uiout, const char *taskno_s= tr, struct inferior *inf) target_taskno); } else - gdb_printf (_("State: %s"), _(long_task_states[task_info->state])); + gdb_printf (_("State: %s"), get_long_state (task_info->state)); =20 if (target_taskno) {
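
Review bot: the upper bound in get_state (first hunk) is off by one. `value <= ARRAY_SIZE (task_states)` still accepts value == ARRAY_SIZE (task_states), so `task_states[value][0]` reads one pointer past the end of the array and then dereferences it, which is the out-of-bounds access the commit message sets out to prevent. The comparison should be `value < ARRAY_SIZE (task_states)`. In the same condition, `value >= 0` is always true because the parameter is `unsigned` and can be dropped, and the fallback format should be `%u` rather than `%d` to match the argument type.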
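
Review bot: get_long_state (second hunk) repeats the same off-by-one, `value <= ARRAY_SIZE (long_task_states)`, and needs `<` for the same reason. Since the body is otherwise a copy of get_state, consider one helper that takes the table and its ARRAY_SIZE so the bound is written, and fixed, in one place. The function comment should also say that the "Unknown task state" result lives in a function-local `static char buffer[100]` and is overwritten by the next call, so callers must consume it before calling again.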
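
Review bot: in the info_task hunk, the fallback string composes poorly with its caller. `gdb_printf (_("State: %s"), get_long_state (task_info->state))` will print "State: Unknown task state: N" for an out-of-range value. A shorter fallback such as "Unknown (N)" would read better here and in the "state" field emitted by print_ada_task_info. A test that feeds an out-of-range state through both call sites would also have caught the boundary case at value == ARRAY_SIZE.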