From: Andrew Burgess
To: Luis Machado, gdb-patches@sourceware.org
Subject: Re: [PATCH] Fix crash with "maintenance print arc"
In-Reply-To: <20220427100753.364631-1-luis.machado@arm.com>
References: <20220427100753.364631-1-luis.machado@arm.com>
Date: Wed, 27 Apr 2022 11:43:41 +0100
Message-ID: <871qxiq00y.fsf@redhat.com>

Luis Machado via Gdb-patches writes:

> While doing something else, I noticed GDB crashed with
> "maintenance print arc".

I tried building current master, and "maintenance print arc" completes
just fine (for me). Can you give more details on how to reproduce the
crash?

Thanks,
Andrew

>
> This happens because the code expects to find a "show" string pattern
> within "maintenance print arc", since "arc" here is a prefix, and skip it.
> In this case though, it won't find it, and we will have a bad pointer
> getting dereferenced.
>
> There is another part of the code with a similar assumption.
>
> This patch hardens both code paths to prevent future crashes.
>
> Regression-tested on x86_64 and aarch64 Linux Ubuntu 20.04.
> ---
>  gdb/cli/cli-setshow.c | 19 ++++++++++++++++---
>  1 file changed, 16 insertions(+), 3 deletions(-)
>
> diff --git a/gdb/cli/cli-setshow.c b/gdb/cli/cli-setshow.c
> index 213573e443e..3852a505cf5 100644
> --- a/gdb/cli/cli-setshow.c
> +++ b/gdb/cli/cli-setshow.c
> @@ -712,7 +712,13 @@ cmd_show_list (struct cmd_list_element *list, int from_tty) > { > ui_out_emit_tuple optionlist_emitter (uiout, "optionlist"); > std::string prefixname = list->prefixname (); > - const char *new_prefix = strstr (prefixname.c_str (), "show ") + 5; > + const char *new_prefix = strstr (prefixname.c_str (), "show "); > + > + /* If we've found a "show" string, remove it now. */ > + if (new_prefix != nullptr) > + new_prefix += 5; > + else > + new_prefix = prefixname.c_str (); > > if (uiout->is_mi_like_p ()) > uiout->field_string ("prefix", new_prefix); > @@ -726,8 +732,15 @@ cmd_show_list (struct cmd_list_element *list, int from_tty) > { > /* If we find a prefix, output it (with "show " skipped). */ > std::string prefixname = list->prefix->prefixname (); > - prefixname = (!list->prefix->is_prefix () ? "" > - : strstr (prefixname.c_str (), "show ") + 5); > + const char *prefix = nullptr; > + > + if (list->prefix->is_prefix ()) > + prefix = strstr (prefixname.c_str (), "show "); > + > + /* If we've found a "show" string, remove it now. */ > + if (prefix != nullptr) > + prefixname = prefix + 5; > + > uiout->text (prefixname); > } > uiout->field_string ("name", list->name); > -- > 2.25.1
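Review bot: in the first hunk (the `new_prefix` computation at line 712 of cmd_show_list), `strstr` still matches "show " anywhere in the prefix name rather than only at its start, so a prefix whose name happens to contain "show " further along would be cut at that point; since the intent is to strip a leading "show " from names such as "show foo ", a prefix test (gdb's `startswith (prefixname.c_str (), "show ")`, then `+ 5`) states that precisely and keeps the null check you added. The new `else` branch also changes the visible output: when no "show " is present, the full `prefixname` (e.g. "maintenance print arc ") is now emitted as the "prefix" field, and the commit message should say that this is the intended result rather than only that the dereference is avoided.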
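Review bot: the second hunk (line 732, the `list->prefix` branch) silently changes behaviour for the `!list->prefix->is_prefix ()` case: the removed line set `prefixname` to "" there, while the new code leaves `prefix` as `nullptr` and so passes the untouched `prefixname ()` result to `uiout->text`. Either restore the empty-string result for that case or state in the commit message why printing the full name is correct. Separately, `prefixname = prefix + 5;` assigns `prefixname` from a pointer into its own buffer; `prefixname.erase (0, (prefix - prefixname.c_str ()) + 5);` expresses the same strip without relying on the library handling the self-aliasing assignment.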