public inbox for gdb-prs@sourceware.org
* [Bug gdb/31040] New: [gdb] Make auxv parsing more strict
@ 2023-11-07 16:01 vries at gcc dot gnu.org
  0 siblings, 0 replies; only message in thread
From: vries at gcc dot gnu.org @ 2023-11-07 16:01 UTC (permalink / raw)
  To: gdb-prs

https://sourceware.org/bugzilla/show_bug.cgi?id=31040

            Bug ID: 31040
           Summary: [gdb] Make auxv parsing more strict
           Product: gdb
           Version: HEAD
            Status: NEW
          Severity: normal
          Priority: P2
         Component: gdb
          Assignee: unassigned at sourceware dot org
          Reporter: vries at gcc dot gnu.org
  Target Milestone: ---

[ See also
https://sourceware.org/pipermail/gdb-patches/2023-November/203763.html ]

The parsing of auxv is forgiving to the point that reading it with the wrong
word size (4 instead of 8) may still yield the expected result.

This is an example of making it more careful:
...
diff --git a/gdb/auxv.c b/gdb/auxv.c
index 61acd48fc98..563cf173a23 100644
--- a/gdb/auxv.c
+++ b/gdb/auxv.c
@@ -395,6 +395,19 @@ target_auxv_search (const gdb::byte_vector &auxv,
target_ops *ops,
     switch (parse_auxv (ops, gdbarch, &ptr, data + len, &type, &val))
       {
       case 1:                  /* Here's an entry, check it.  */
+       if (type == AT_NULL)
+         {
+           if (ptr == data + len)
+             {
+               /* AT_NULL found, as last entry.  */
+               return 0;
+             }
+           else
+             {
+               /* AT_NULL found, not as last entry.  */
+               return -1;
+             }
+         }
        if (type == match)
          {
            *valp = val;
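Review bot: the AT_NULL test sits before `if (type == match)`, so a caller that searches for `AT_NULL` itself now gets 0 or -1 instead of 1 with `*valp` set; either document that in the function's comment or place the new block after the match test. This branch is also the one that catches the 4-versus-8 word size mix-up from the report (the 16 zero bytes of a 64-bit AT_NULL read as two 4-byte-word entries, so the first AT_NULL is not the last one), but only when the search gets that far instead of returning early on a match. Style: the nested if/else reduces to `return ptr == data + len ? 0 : -1;` with a single comment.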
@@ -402,7 +415,8 @@ target_auxv_search (const gdb::byte_vector &auxv,
target_ops *ops,
          }
        break;
       case 0:                  /* End of the vector.  */
-       return 0;
+       /* No AT_NULL found.  */
+       return -1;
       default:                 /* Bogosity.  */
        return -1;
       }
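Review bot: `case 0` now returns the same -1 as the `default` (bogosity) arm, so callers cannot tell a vector that merely lacks an AT_NULL terminator from a parse error; if that is acceptable the two arms could be merged, and either way the return-value documentation of target_auxv_search needs updating, since 0 now means "terminated vector without a match" and -1 also covers "no terminator". The report itself notes that callers ignoring -1 see no effect from this change, so the audit of those callers belongs in the same series rather than in a later one.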
...

In other words, it returns -1 more often.  Of course that has no effect if
callers don't care if -1 is returned, so there may be work to do there as well.

-- 
You are receiving this mail because:
You are on the CC list for the bug.
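As an added illustration of the stricter contract the patch proposes (example code, not gdb's own), the stand-alone search below applies the same checks to a constructed 64-bit little-endian auxv and reads it with both the correct (8) and the wrong (4) word size. The entry layout, the little-endian byte order, the sample bytes and the `sample_search` wrapper are assumptions of this example.

```cpp
#include <cstddef>
#include <cstdint>
#include <vector>

/* Added example, not gdb's code.  An auxv entry is a (type, value) pair of
   WORD_SIZE-byte little-endian words (assumed).  Returns 1 and sets *VALP when
   MATCH is found, 0 when the vector is well formed but lacks MATCH, and -1 when
   it is malformed: partial trailing entry, no AT_NULL, or AT_NULL not last.  */
static const uint64_t AT_NULL = 0;

static uint64_t read_word (const uint8_t *p, size_t n)
{
  uint64_t w = 0;
  for (size_t i = 0; i < n; i++)
    w |= (uint64_t) p[i] << (8 * i);
  return w;
}

int strict_auxv_search (const std::vector<uint8_t> &auxv, size_t word_size,
                        uint64_t match, uint64_t *valp)
{
  const uint8_t *ptr = auxv.data (), *end = ptr + auxv.size ();
  while (ptr != end)
    {
      if ((size_t) (end - ptr) < 2 * word_size)
        return -1;                          /* Partial entry: bogosity.  */
      uint64_t type = read_word (ptr, word_size);
      uint64_t val = read_word (ptr + word_size, word_size);
      ptr += 2 * word_size;
      if (type == AT_NULL)
        return ptr == end ? 0 : -1;         /* AT_NULL must be the last entry.  */
      if (type == match)
        {
          *valp = val;
          return 1;
        }
    }
  return -1;                                /* Ran off the end: no AT_NULL.  */
}

/* Constructed sample: a 64-bit little-endian auxv holding AT_PAGESZ (6) = 0x1000
   followed by AT_NULL, cut to its first KEEP bytes, then searched with the
   given WORD_SIZE so the same bytes can be read as 8- or 4-byte words.  */
int sample_search (size_t word_size, uint64_t match, uint64_t *valp, size_t keep = 32)
{
  std::vector<uint8_t> v = { 6, 0, 0, 0, 0, 0, 0, 0,  0, 0x10, 0, 0, 0, 0, 0, 0,
                             0, 0, 0, 0, 0, 0, 0, 0,  0, 0, 0, 0, 0, 0, 0, 0 };
  v.resize (keep);
  return strict_auxv_search (v, word_size, match, valp);
}
```

The AT_NULL check only fires when the search reaches the terminator: reading the sample with 4-byte words still reports AT_PAGESZ as found, with the value 0, because the match returns first.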
