From: "vries at gcc dot gnu.org"
To: gdb-prs@sourceware.org
Subject: [Bug gdb/31040] New: [gdb] Make auxv parsing more strict
Date: Tue, 07 Nov 2023 16:01:32 +0000

https://sourceware.org/bugzilla/show_bug.cgi?id=31040

Bug ID: 31040
Summary: [gdb] Make auxv parsing more strict
Product: gdb
Version: HEAD
Status: NEW
Severity: normal
Priority: P2
Component: gdb
Assignee: unassigned at sourceware dot org
Reporter: vries at gcc dot gnu.org
Target Milestone: ---

[ See also https://sourceware.org/pipermail/gdb-patches/2023-November/203763.html ]

The parsing of auxv is forgiving to the point that reading it with the wrong word size (4 instead of 8) may still yield the expected result.

This is an example of making it more careful:
...
diff --git a/gdb/auxv.c b/gdb/auxv.c
index 61acd48fc98..563cf173a23 100644
--- a/gdb/auxv.c
+++ b/gdb/auxv.c
@@ -395,6 +395,19 @@ target_auxv_search (const gdb::byte_vector &auxv, target_ops *ops, switch (parse_auxv (ops, gdbarch, &ptr, data + len, &type, &val)) { case 1: /* Here's an entry, check it. */ + if (type =3D=3D AT_NULL) + { + if (ptr =3D=3D data + len) + { + /* AT_NULL found, as last entry. */ + return 0; + } + else + { + /* AT_NULL found, not as last entry. */ + return -1; + } + } if (type =3D=3D match) { *valp =3D val; @@ -402,7 +415,8 @@ target_auxv_search (const gdb::byte_vector &auxv, target_ops *ops, } break; case 0: /* End of the vector. */ - return 0; + /* No AT_NULL found. */ + return -1; default: /* Bogosity. */ return -1; } ...

In other words, it returns -1 more often.

Of course that has no effect if callers don't care if -1 is returned, so there may be work to do there as well.
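Review bot: in the first hunk the new AT_NULL test sits ahead of the existing `if (type == match)` comparison, so a caller that passes AT_NULL as the key to search for now gets 0 or -1 back and never has *valp filled in; if no caller does that, a short comment stating that AT_NULL is treated as the terminator rather than a searchable key would make the ordering deliberate, otherwise the match test needs to run before the terminator check.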
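Review bot: in the second hunk `case 0` now returns -1 under the comment "No AT_NULL found", which is the same value the `default: /* Bogosity. */` arm already returns, so a caller can no longer tell a vector that simply ran out of bytes from one containing a corrupt entry; since the report itself notes that callers may ignore -1, the call sites should be audited in the same change (or the two conditions at least logged distinctly), so that the new -1 does not silently read as "not found".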
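As an added illustration (not part of the bug report or of gdb's own code), the following Python model reproduces the search loop in both its pre-patch and proposed forms and runs it over a constructed 64-bit auxv; the type numbers are the ELF ABI ones, and the return codes (1 found, 0 not found, -1 malformed) mirror the hunk above. It shows both what the stricter check catches (a misplaced AT_NULL, a missing terminator) and what it still cannot catch (a key that is matched before the bogus AT_NULL is reached).

```python
import struct

# auxv type numbers from the ELF ABI (a constructed subset)
AT_NULL, AT_PAGESZ, AT_BASE, AT_HWCAP = 0, 6, 7, 16

def build_auxv(entries, wordsize):
    """Pack (type, value) pairs as little-endian words of the given size."""
    fmt = "<QQ" if wordsize == 8 else "<II"
    return b"".join(struct.pack(fmt, t, v) for t, v in entries)

def parse_auxv(data, wordsize):
    """Yield (offset, type, value) for every complete entry; no checks."""
    fmt, entry = ("<QQ", 16) if wordsize == 8 else ("<II", 8)
    for off in range(0, len(data) - entry + 1, entry):
        yield (off,) + struct.unpack_from(fmt, data, off)

def search_lenient(data, wordsize, match):
    """Pre-patch behaviour: 1 plus the value on a match, 0 when data runs out."""
    for _, t, v in parse_auxv(data, wordsize):
        if t == match:
            return 1, v
    return 0, None

def search_strict(data, wordsize, match):
    """Proposed behaviour: AT_NULL must be present and must be the last
    entry; a vector violating either rule is reported as malformed (-1)."""
    for off, t, v in parse_auxv(data, wordsize):
        if t == AT_NULL:
            return (0, None) if off + 2 * wordsize == len(data) else (-1, None)
        if t == match:
            return 1, v
    return -1, None  # end of data reached without seeing AT_NULL

# Constructed sample: a 64-bit auxv with two entries and its AT_NULL terminator.
AUXV64 = build_auxv([(AT_PAGESZ, 4096), (AT_HWCAP, 0xBFEBFBFF), (AT_NULL, 0)], 8)
TRUNCATED = AUXV64[:-16]  # same vector with the terminator chopped off

def demo():
    """Same vector read with word size 8 (right) and 4 (wrong)."""
    return {
        "pagesz_8": search_strict(AUXV64, 8, AT_PAGESZ),           # (1, 4096)
        # wrong word size: each 8-byte field is read as its own bogus entry
        "pagesz_4_lenient": search_lenient(AUXV64, 4, AT_PAGESZ),  # (1, 0): silently wrong
        "pagesz_4_strict": search_strict(AUXV64, 4, AT_PAGESZ),    # (1, 0): match seen first
        "base_4_lenient": search_lenient(AUXV64, 4, AT_BASE),      # (0, None): looks fine
        "base_4_strict": search_strict(AUXV64, 4, AT_BASE),        # (-1, None): misplaced AT_NULL
        # missing terminator: only the strict version notices
        "trunc_lenient": search_lenient(TRUNCATED, 8, AT_BASE),    # (0, None)
        "trunc_strict": search_strict(TRUNCATED, 8, AT_BASE),      # (-1, None)
    }
```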