Original patch from gentoo: gentoo/src/patchsets/gdb/6.8/80_all_gdb-6.5-dwarf-stack-overflow.patch
-= BEGIN original header =-
http://bugs.gentoo.org/144833
for gdb/ChangeLog:
2006-08-22 Will Drewry <wad@google.com>
Tavis Ormandy <taviso@google.com>
* dwarf2read.c (decode_locdesc): Enforce location description stack
boundaries.
* dwarfread.c (locval): Likewise.
-= END original header =-
diff -durN gdb-6.8.orig/gdb/dwarf2read.c gdb-6.8/gdb/dwarf2read.c
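--- gdb-6.8.orig/gdb/dwarf2read.c 2008-03-10 15:18:10.000000000 +0100
+++ gdb-6.8/gdb/dwarf2read.c 2008-06-17 16:07:31.000000000 +0200
@@ -9124,8 +9124,7 @@
 callers will only want a very basic result and this can become a
 complaint.
 
- Note that stack[0] is unused except as a default error return.
- Note that stack overflow is not yet handled. */
+ Note that stack[0] is unused except as a default error return. */
 
 static CORE_ADDR
 decode_locdesc (struct dwarf_block *blk, struct dwarf2_cu *cu)
@@ -9142,7 +9141,7 @@
 
 i = 0;
 stacki = 0;
- stack[stacki] = 0;
+ stack[++stacki] = 0;
 
 while (i < size)
 {
@@ -9324,6 +9323,16 @@
 dwarf_stack_op_name (op));
 return (stack[stacki]);
 }
+ /* Enforce maximum stack depth of size-1 to avoid ++stacki writing
+ outside of the allocated space. Also enforce minimum > 0.
+ -- wad@google.com 14 Aug 2006 */
+ if (stacki >= sizeof (stack) / sizeof (*stack) - 1)
+ internal_error (__FILE__, __LINE__,
+ _("location description stack too deep: %d"),
+ stacki);
+ if (stacki <= 0)
+ internal_error (__FILE__, __LINE__,
+ _("location description stack too shallow"));
 }
 return (stack[stacki]);
 }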
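Review bot: The two guards added at the end of the loop body in the third hunk report malformed input through `internal_error`, which GDB uses for its own consistency failures and which asks the user whether to quit or dump core. A crafted DWARF location expression in a file being debugged would then still interrupt the session instead of being rejected as bad data. Reporting it as an input error, for example `error (_("location description stack too deep: %d"), stacki);`, or complaining and returning as the unsupported-opcode branch just above appears to do, keeps the bounds check without treating hostile data as a debugger bug. Separately, `stacki >= sizeof (stack) / sizeof (*stack) - 1` compares the index against a `size_t`; assuming `stacki` is an `int` (its declaration is outside the hunks), a negative value is converted to unsigned and reported as "too deep", so testing `stacki <= 0` first would keep the messages accurate. The checks run only after each operation has executed, so they rely on no opcode moving the index by more than one slot per iteration, which cannot be confirmed here because most of decode_locdesc's loop body lies outside the hunks.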