From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <gdb-patches-return-156425-listarch-gdb-patches=sources.redhat.com@sourceware.org>
Received: (qmail 96330 invoked by alias); 29 May 2019 18:55:20 -0000
Mailing-List: contact gdb-patches-help@sourceware.org; run by ezmlm
Precedence: bulk
List-Id: <gdb-patches.sourceware.org>
List-Subscribe: <mailto:gdb-patches-subscribe@sourceware.org>
List-Archive: <http://sourceware.org/ml/gdb-patches/>
List-Post: <mailto:gdb-patches@sourceware.org>
List-Help: <mailto:gdb-patches-help@sourceware.org>, <http://sourceware.org/ml/#faqs>
Sender: gdb-patches-owner@sourceware.org
Received: (qmail 96320 invoked by uid 89); 29 May 2019 18:55:20 -0000
Authentication-Results: sourceware.org; auth=none
X-Spam-SWARE-Status: No, score=-5.9 required=5.0 tests=AWL,BAYES_00,RCVD_IN_DNSWL_NONE,SPF_HELO_PASS autolearn=ham version=3.3.1 spammy=history
X-HELO: gateway30.websitewelcome.com
Received: from gateway30.websitewelcome.com (HELO gateway30.websitewelcome.com) (192.185.151.58) by sourceware.org (qpsmtpd/0.93/v0.84-503-g423c35a) with ESMTP; Wed, 29 May 2019 18:55:18 +0000
Received: from cm10.websitewelcome.com (cm10.websitewelcome.com [100.42.49.4])	by gateway30.websitewelcome.com (Postfix) with ESMTP id 5D1D0E3	for <gdb-patches@sourceware.org>; Wed, 29 May 2019 13:55:16 -0500 (CDT)
Received: from box5379.bluehost.com ([162.241.216.53])	by cmsmtp with SMTP	id W3jIhnZBv2PzOW3jIh9nIJ; Wed, 29 May 2019 13:55:16 -0500
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=tromey.com;	 s=default; h=Content-Type:MIME-Version:Message-ID:In-Reply-To:Date:	References:Subject:Cc:To:From:Sender:Reply-To:Content-Transfer-Encoding:	Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender:	Resent-To:Resent-Cc:Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:	List-Subscribe:List-Post:List-Owner:List-Archive;	bh=e505PXVYmYC78ZuibV0GfCVN/6yUL3DRNcCDJ+QHdP0=; b=VQ3ms/fOW0BrwbFbF5NR8U4qxO	mfGC8gtise9+K8oiZmV8w11t9rWW2w7gHNbTw2Jdy1SJImd+8O8fIvTALu77+T2a0nSMfjXC0MKi5	o6uHBzCP+e5HPoXWd13KpwrE9;
Received: from 174-29-48-168.hlrn.qwest.net ([174.29.48.168]:46540 helo=murgatroyd)	by box5379.bluehost.com with esmtpsa (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256)	(Exim 4.91)	(envelope-from <tom@tromey.com>)	id 1hW3jH-0020np-QW; Wed, 29 May 2019 13:55:15 -0500
From: Tom Tromey <tom@tromey.com>
To: Tom de Vries <tdevries@suse.de>
Cc: gdb-patches@sourceware.org,  Simon Marchi <simon.marchi@polymtl.ca>
Subject: Re: [PATCH][gdb] Fix heap-buffer-overflow in cp_find_first_component_aux
References: <20190525093527.GA2911@delia>
Date: Wed, 29 May 2019 18:55:00 -0000
In-Reply-To: <20190525093527.GA2911@delia> (Tom de Vries's message of "Sat, 25	May 2019 11:35:29 +0200")
Message-ID: <871s0hxf8t.fsf@tromey.com>
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/26.1 (gnu/linux)
MIME-Version: 1.0
Content-Type: text/plain
X-SW-Source: 2019-05/txt/msg00657.txt.bz2

>>>>> "Tom" == Tom de Vries <tdevries@suse.de> writes:

Tom> [gdb] Fix heap-buffer-overflow in cp_find_first_component_aux

Tom> gdb/ChangeLog:

Tom> 2019-05-25  Tom de Vries  <tdevries@suse.de>

Tom> 	PR gdb/24618
Tom> 	* dwarf2read.c (struct mapped_index::symbol_name_slot_invalid): Make
Tom> 	sure an empty slot (defined by a 32-bit zero pair) is recognized as
Tom> 	invalid.

Thanks for the patch and the excellent analysis.

I looked at the history here a little and the earlier code did:

-      if (bucket.name == 0 && bucket.vec == 0)

... so this seems to have just been a simple error in the patch.

This is ok, please check it in.

Tom