espressif/binutils-gdb
1
0
Fork 0
mirror of https://github.com/espressif/binutils-gdb.git synced 2025-06-23 19:50:13 +08:00
Code Issues Packages Projects Releases Wiki Activity

Fix gdb_bfd_section_index for special sections

Browse Source 
Indexes returned for special sections are off by one, i.e. with N+4
sections last one has index N+4 returned which is outside allocated
obstack (at the same time index N is not used at all).

In worst case, if sections obstack is allocated up to end of chunk,
writing last section data will cause buffer overrun and some data
corruption.

Here's output from Valgrind::

==14630== Invalid write of size 8
==14630==    at 0x551B1A: add_to_objfile_sections_full (objfiles.c:225)
==14630==    by 0x552768: allocate_objfile (objfiles.c:324)
==14630==    by 0x4E8E2E: symbol_file_add_with_addrs (symfile.c:1171)
==14630==    by 0x4E9453: symbol_file_add_from_bfd (symfile.c:1280)
==14630==    by 0x4E9453: symbol_file_add (symfile.c:1295)
==14630==    by 0x4E94B7: symbol_file_add_main_1 (symfile.c:1320)
==14630==    by 0x514246: catch_command_errors_const (main.c:398)
==14630==    by 0x5150AA: captured_main (main.c:1061)
==14630==    by 0x51123C: catch_errors (exceptions.c:240)
==14630==    by 0x51569A: gdb_main (main.c:1164)
==14630==    by 0x408824: main (gdb.c:32)
==14630==  Address 0x635f3b8 is 8 bytes after a block of size 4,064 alloc'd
==14630==    at 0x4C2ABA0: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==14630==    by 0x60F797: xmalloc (common-utils.c:41)
==14630==    by 0x5E787FB: _obstack_begin (obstack.c:184)
==14630==    by 0x552679: allocate_objfile (objfiles.c:294)
==14630==    by 0x4E8E2E: symbol_file_add_with_addrs (symfile.c:1171)
==14630==    by 0x4E9453: symbol_file_add_from_bfd (symfile.c:1280)
==14630==    by 0x4E9453: symbol_file_add (symfile.c:1295)
==14630==    by 0x4E94B7: symbol_file_add_main_1 (symfile.c:1320)
==14630==    by 0x514246: catch_command_errors_const (main.c:398)
==14630==    by 0x5150AA: captured_main (main.c:1061)
==14630==    by 0x51123C: catch_errors (exceptions.c:240)
==14630==    by 0x51569A: gdb_main (main.c:1164)
==14630==    by 0x408824: main (gdb.c:32)

gdb/ChangeLog:
	* gdb_bfd.c (gdb_bfd_section_index): Fix off-by-one for special
	sections.
This commit is contained in:
Andrzej Kaczmarek
2015-03-27 12:09:02 +00:00
committed by Pedro Alves
parent 72a9c03c27
commit ce9c0ca18f
2 changed files with 9 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
gdb/ChangeLog
View File

@ -1,3 +1,8 @@
2015-03-27 Andrzej Kaczmarek <andrzej.kaczmarek@tieto.com>
* gdb_bfd.c (gdb_bfd_section_index): Fix off-by-one for special
sections.
2015-03-26 Joel Brobecker <brobecker@adacore.com> 2015-03-26 Joel Brobecker <brobecker@adacore.com>
* dtrace-probe.c (dtrace_process_dof_probe): Contain any * dtrace-probe.c (dtrace_process_dof_probe): Contain any

8
gdb/gdb_bfd.c
View File

@ -616,13 +616,13 @@ gdb_bfd_section_index (bfd *abfd, asection *section)
if (section == NULL) if (section == NULL)
return -1; return -1;
else if (section == bfd_com_section_ptr) else if (section == bfd_com_section_ptr)
return bfd_count_sections (abfd) + 1; return bfd_count_sections (abfd);
else if (section == bfd_und_section_ptr) else if (section == bfd_und_section_ptr)
return bfd_count_sections (abfd) + 2; return bfd_count_sections (abfd) + 1;
else if (section == bfd_abs_section_ptr) else if (section == bfd_abs_section_ptr)
return bfd_count_sections (abfd) + 3; return bfd_count_sections (abfd) + 2;
else if (section == bfd_ind_section_ptr) else if (section == bfd_ind_section_ptr)
return bfd_count_sections (abfd) + 4; return bfd_count_sections (abfd) + 3;
return section->index; return section->index;
} }