public inbox for gdb-prs@sourceware.org
From: "anton_nix at mail dot ru" <sourceware-bugzilla@sourceware.org>
To: gdb-prs@sourceware.org
Subject: [Bug gdb/18929] New: NULL deref on throw in cp_print_value_fields
Date: Mon, 07 Sep 2015 01:41:00 -0000
Message-ID: <bug-18929-4717@http.sourceware.org/bugzilla/>

https://sourceware.org/bugzilla/show_bug.cgi?id=18929

            Bug ID: 18929
           Summary: NULL deref on throw in cp_print_value_fields
           Product: gdb
           Version: 7.10
            Status: NEW
          Severity: normal
          Priority: P2
         Component: gdb
          Assignee: unassigned at sourceware dot org
          Reporter: anton_nix at mail dot ru
  Target Milestone: ---

Created attachment 8583
  --> https://sourceware.org/bugzilla/attachment.cgi?id=8583&action=edit
Patch

I think I found a bug

gdb-7.10/gdb/cp-valprint.c:316

struct value *v = NULL;
TRY { v = value_static_field (type, i); }
CATCH ... 
END_CATCH

cp_print_static_field (TYPE_FIELD_TYPE (type, i),
                 v, stream, recurse + 1,
                 options);

Assume that a throw happened in value_static_field, then "v" would still 
be NULL, but cp_print_static_field expects "v" to be non-zero. This 
situation would lead to SEGFAULT

Propose to place "v" and cp_print_static_field call into TRY block

Digging in git history, I found out that, if v == NULL before 
cp_print_static_field call, then val_print_optimized_out happened 
(commit 686d4defdf4a343d4b700b8b544cd40c4f16b0d1). But in my case 
variable was not optimized out, and value_static_field throws. 

P.S.: I was debugging remote Linux application from Windows host.

Patch to 7.10 attached
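
The pattern described in the report, as an added example that is not part of the original message and is not gdb code. It uses setjmp/longjmp as a stand-in for the TRY/CATCH macros; struct value, lookup_static_field, print_field, print_unguarded and print_guarded are hypothetical names constructed for this sketch.

```c
#include <setjmp.h>
#include <stdio.h>

/* Constructed stand-ins; these are not gdb's types or functions. */
struct value { int contents; };
static jmp_buf catch_point;

/* Hypothetical lookup that "throws" via longjmp when the read fails. */
static struct value *lookup_static_field(int readable)
{
    static struct value field = { 42 };
    if (!readable)
        longjmp(catch_point, 1);
    return &field;
}

/* Like the printer in the report, this assumes v is never NULL. */
static int print_field(const struct value *v, char *out, size_t n)
{
    return snprintf(out, n, "%d", v->contents);
}

/* Reported shape: the error is swallowed and v is used anyway.
   With readable == 0, v is still NULL when print_field reads it. */
int print_unguarded(int readable, char *out, size_t n)
{
    struct value *volatile v = NULL;
    if (setjmp(catch_point) == 0)
        v = lookup_static_field(readable);
    return print_field(v, out, n);
}

/* Proposed shape: lookup and print share one guarded region, so a
   failed lookup skips the print and reports the error instead. */
int print_guarded(int readable, char *out, size_t n)
{
    if (setjmp(catch_point) == 0)
        return print_field(lookup_static_field(readable), out, n);
    return snprintf(out, n, "<error reading field>");
}

int main(void)
{
    char buf[32];
    print_guarded(1, buf, sizeof buf);
    printf("readable:   %s\n", buf);
    print_guarded(0, buf, sizeof buf);
    printf("unreadable: %s\n", buf);
    return 0;
}
```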
