From: "jan.kratochvil at redhat dot com"
To: gdb-prs@sourceware.org
Subject: [Bug cli/14321] New: find can clobber memory
Date: Sun, 01 Jul 2012 18:52:00 -0000

http://sourceware.org/bugzilla/show_bug.cgi?id=14321

             Bug #: 14321
           Summary: find can clobber memory
           Product: gdb
           Version: HEAD
            Status: NEW
          Severity: normal
          Priority: P2
         Component: cli
        AssignedTo: unassigned@sourceware.org
        ReportedBy: jan.kratochvil@redhat.com
    Classification: Unclassified

GNU gdb (GDB) 7.4.50.20120630-cvs

./gdb ./gdb
(gdb) find main,+100000000,xop_table
memory clobbered past end of allocated block

This code does not expect val_bytes can be huge:

findcmd.c:
      /* Keep it simple and assume size == 'g' when watching for when we
         need to grow the pattern buf.  */
      if ((pattern_buf_end - pattern_buf + max (val_bytes, sizeof (int64_t)))
          > pattern_buf_size)
        {
          size_t current_offset = pattern_buf_end - pattern_buf;

          pattern_buf_size *= 2;
          pattern_buf = xrealloc (pattern_buf, pattern_buf_size);
          pattern_buf_end = pattern_buf + current_offset;
        }
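
Added example, not part of the original report and not GDB's own code: it reproduces the grow-once sizing from the quoted check next to a sizing that keeps doubling until the value fits and rejects size_t overflow. The helper names (grow_once, grow_to_fit, append_demo) and all sizes are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define MAX(a, b) ((a) > (b) ? (a) : (b))

/* Capacity after the quoted check: doubled at most once (the reported flaw). */
static size_t grow_once(size_t used, size_t size, size_t val_bytes)
{
    if (used + MAX(val_bytes, sizeof(int64_t)) > size)
        size *= 2;
    return size;
}

/* Hardened sizing: double until the value fits; 0 means size_t would overflow. */
static size_t grow_to_fit(size_t used, size_t size, size_t val_bytes)
{
    size_t need = MAX(val_bytes, sizeof(int64_t));
    if (size == 0 || need > SIZE_MAX - used)
        return 0;
    need += used;
    while (size < need) {
        if (size > SIZE_MAX / 2)
            return 0;
        size *= 2;
    }
    return size;
}

/* Write a constructed val_bytes-long value at offset `used` in a buffer sized
   by grow_to_fit. Returns the capacity used, or 0 on failure. */
static size_t append_demo(size_t used, size_t size, size_t val_bytes)
{
    size_t new_size = grow_to_fit(used, size, val_bytes);
    unsigned char *buf = new_size ? calloc(1, new_size) : NULL;
    if (buf == NULL)
        return 0;
    memset(buf + used, 0xAB, val_bytes);   /* stays inside the allocation */
    free(buf);
    return new_size;
}

int main(void)
{
    /* Constructed sizes: 100-byte buffer, 10 bytes used, 4096-byte value. */
    printf("grow once: %zu, needed: %d, grow to fit: %zu\n",
           grow_once(10, 100, 4096), 10 + 4096, append_demo(10, 100, 4096));
    return 0;
}
```

With the grow-once sizing the buffer is still smaller than the bytes about to be written, which is the condition behind the "memory clobbered past end of allocated block" message in the report.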