[Bug libdw/22546] dwarf_aggregate_size() doesn't work for multi-dimensional arrays

2017-12-08 Thread sourceware at dima dot secretsauce.net
https://sourceware.org/bugzilla/show_bug.cgi?id=22546

--- Comment #3 from dima kogan  ---
Created attachment 10672
  --> https://sourceware.org/bugzilla/attachment.cgi?id=10672&action=edit
Update to the test suite to show this problem

-- 
You are receiving this mail because:
You are on the CC list for the bug.

[Bug libdw/22546] dwarf_aggregate_size() doesn't work for multi-dimensional arrays

2017-12-08 Thread sourceware at dima dot secretsauce.net
https://sourceware.org/bugzilla/show_bug.cgi?id=22546

--- Comment #4 from dima kogan  ---
Here's a patch to add the failing case to the test suite. This test update
fails in the stock sources, but succeeds with my patch applied. Note that this
patch contains a diff to a binary file (that's how the test suite works), and
this binary piece will be recognized by 'git am' only.


[PATCH 1/2] Don't overflow in __libdw_in_section

2017-12-08 Thread Ulf Hermann

This exposes a bug in dwarf_formstring as detected by the
dwarf-getmacros test. We cannot unconditionally assume that a string is
in either the IDX_debug_info or the IDX_debug_types section as
determined by cu_sec_idx.

Change-Id: I6544d42b719587dd94330db484512bde6ce34e55
---
 libdw/ChangeLog | 4 
 libdw/libdwP.h  | 3 ++-
 2 files changed, 6 insertions(+), 1 deletion(-)

diff --git a/libdw/ChangeLog b/libdw/ChangeLog
index 4375244..996cd2e 100644
--- a/libdw/ChangeLog
+++ b/libdw/ChangeLog
@@ -1,3 +1,7 @@
+2017-05-09  Ulf Hermann  
+
+	* libdwP.h: Fix check for the upper border of the range in 
__libdw_in_section.

+
 2017-11-03  Mark Wielaard  
* dwarf_getlocation.c (__libdw_intern_expression): Handle
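Review bot: the added ChangeLog entry is dated 2017-05-09 but sits above the 2017-11-03 entry, so the file is no longer in reverse chronological order. Either date the entry for when it is actually committed or place it at the position its date implies.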
diff --git a/libdw/libdwP.h b/libdw/libdwP.h
index 78c0013..e092d8e 100644
--- a/libdw/libdwP.h
+++ b/libdw/libdwP.h
@@ -643,7 +643,8 @@ __libdw_in_section (Dwarf *dbg, int sec_index,
   if (data == NULL)
 return false;
   if (unlikely (addr < data->d_buf)
-  || unlikely (data->d_size - (addr - data->d_buf) < size))
+  || unlikely (data->d_size < size)
+  || unlikely ((size_t)(addr - data->d_buf) > data->d_size - size))
 {
   __libdw_seterrno (DWARF_E_INVALID_OFFSET);
   return false;
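Review bot: the added third condition, '(size_t)(addr - data->d_buf) > data->d_size - size', is only correct because of the order of the tests, and nothing in the code says so. 'data->d_size - size' cannot wrap only because 'data->d_size < size' is rejected just before it, and the cast to size_t is only safe because 'addr < data->d_buf' is rejected first. A one-line comment stating that the three tests must stay in this order would keep a later cleanup from reintroducing the wraparound.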
--
2.8.1.windows.1
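The wraparound this patch removes can be reproduced outside libdw. The following is an added example, not code from the patch or from elfutils: 'struct section', 'in_section_old' and 'in_section_new' are hypothetical names that mirror the shape of the old and new conditions, and the 16-byte section inside a 64-byte buffer is constructed sample data.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

/* Constructed stand-in for a section's d_buf/d_size pair (not Elf_Data). */
struct section { const unsigned char *buf; size_t size; };

/* 64 bytes of backing store, so pointers past the 16-byte "section" are
   still valid pointers into the same object. */
static unsigned char backing[64];
static const struct section sec = { backing, 16 };

/* Shape of the pre-patch test: size - offset is unsigned, so it wraps to a
   huge value when offset > size, "huge < len" is false, and the range is
   accepted. */
static bool in_section_old(const struct section *s,
                           const unsigned char *addr, size_t len)
{
    if (addr < s->buf)
        return false;
    return !(s->size - (size_t)(addr - s->buf) < len);
}

/* Shape of the patched test: reject len > size first so size - len cannot
   wrap, then compare the offset with the last valid start offset. */
static bool in_section_new(const struct section *s,
                           const unsigned char *addr, size_t len)
{
    if (addr < s->buf)
        return false;
    if (s->size < len)
        return false;
    return (size_t)(addr - s->buf) <= s->size - len;
}

int main(void)
{
    /* Offset 12, length 4: the last range that fits in 16 bytes. */
    printf("off 12 len 4: old=%d new=%d\n",
           in_section_old(&sec, backing + 12, 4),
           in_section_new(&sec, backing + 12, 4));
    /* Offset 32, length 4: entirely past the end of the section. */
    printf("off 32 len 4: old=%d new=%d\n",
           in_section_old(&sec, backing + 32, 4),
           in_section_new(&sec, backing + 32, 4));
    return 0;
}
```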



[PATCH 2/2] Generalize cu_sec_idx

2017-12-08 Thread Ulf Hermann

Apparently CUs can appear in other sections than IDX_debug_info and
IDX_types. Rather than relying on the indirect indication provided by
type_offset we compare the addresses directly to figure out which
section a given CU belongs to.

This fixes the dwarf-getmacros test.

Change-Id: I83260622b55d3778a38cd46427dba158d186c51e
---
 libdw/ChangeLog |  4 
 libdw/libdwP.h  | 12 +++-
 2 files changed, 15 insertions(+), 1 deletion(-)

diff --git a/libdw/ChangeLog b/libdw/ChangeLog
index 996cd2e..508bf9c 100644
--- a/libdw/ChangeLog
+++ b/libdw/ChangeLog
@@ -1,3 +1,7 @@
+2017-12-08  Ulf Hermann  
+
+   * libdwP.h: Generalize cu_sec_idx to check all sections.
+
 2017-05-09  Ulf Hermann  
  	* libdwP.h: Fix check for the upper border of the range in 
__libdw_in_section.
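Review bot: the added entry '* libdwP.h: Generalize cu_sec_idx to check all sections.' does not name the changed function in parentheses. Writing it as '* libdwP.h (cu_sec_idx): Check all sections.' matches the usual ChangeLog form and keeps function-level searches of the log working.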

diff --git a/libdw/libdwP.h b/libdw/libdwP.h
index e092d8e..8f3a95c 100644
--- a/libdw/libdwP.h
+++ b/libdw/libdwP.h
@@ -715,7 +715,17 @@ __libdw_read_offset (Dwarf *dbg, Dwarf *dbg_ret,
 static inline size_t
 cu_sec_idx (struct Dwarf_CU *cu)
 {
-  return cu->type_offset == 0 ? IDX_debug_info : IDX_debug_types;
+  for (int sec_index = IDX_debug_info; sec_index < IDX_last; ++sec_index)
+{
+  Elf_Data *data = cu->dbg->sectiondata[sec_index];
+  if (data != NULL && data->d_buf != NULL
+  && cu->startp >= data->d_buf
+  && cu->startp < data->d_buf + data->d_size)
+{
+  return sec_index;
+}
+}
+  return IDX_last;
 }
  static inline bool
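Review bot: the new fall-through 'return IDX_last;' hands callers a value that is not a valid section index, since the loop above treats 'sec_index < IDX_last' as the valid range for 'cu->dbg->sectiondata[]'. The old expression always returned a usable index, so any caller that indexes 'sectiondata' with the result, or passes it on as a 'sec_index' argument, needs a check for IDX_last, or this function should set an error and document the sentinel in a comment above it.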
--
2.8.1.windows.1



[PATCH 1/2 v2] Don't overflow in __libdw_in_section

2017-12-08 Thread Ulf Hermann

This exposes a bug in dwarf_formstring as detected by the dwarf-getmacros
test. We cannot unconditionally assume that a string is in either the
IDX_debug_info or the IDX_debug_types section as determined by
cu_sec_idx.

(Signed-off instead of Change-Id ...)

Signed-off-by: Ulf Hermann 
---
 libdw/ChangeLog | 4 
 libdw/libdwP.h  | 3 ++-
 2 files changed, 6 insertions(+), 1 deletion(-)

diff --git a/libdw/ChangeLog b/libdw/ChangeLog
index 4375244..996cd2e 100644
--- a/libdw/ChangeLog
+++ b/libdw/ChangeLog
@@ -1,3 +1,7 @@
+2017-05-09  Ulf Hermann  
+
+	* libdwP.h: Fix check for the upper border of the range in 
__libdw_in_section.

+
 2017-11-03  Mark Wielaard  
* dwarf_getlocation.c (__libdw_intern_expression): Handle
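Review bot: the added entry names the function only in running text and is split across two lines ('... of the range in' followed by '__libdw_in_section.' on a line with no '+' marker), so the second half is not part of the added line as mailed. Putting the function in parentheses, '* libdwP.h (__libdw_in_section): Fix check for the upper border of the range.', shortens the line and follows the form of the neighbouring '(__libdw_intern_expression)' entry.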
diff --git a/libdw/libdwP.h b/libdw/libdwP.h
index 78c0013..e092d8e 100644
--- a/libdw/libdwP.h
+++ b/libdw/libdwP.h
@@ -643,7 +643,8 @@ __libdw_in_section (Dwarf *dbg, int sec_index,
   if (data == NULL)
 return false;
   if (unlikely (addr < data->d_buf)
-  || unlikely (data->d_size - (addr - data->d_buf) < size))
+  || unlikely (data->d_size < size)
+  || unlikely ((size_t)(addr - data->d_buf) > data->d_size - size))
 {
   __libdw_seterrno (DWARF_E_INVALID_OFFSET);
   return false;
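Review bot: style point on the added line '|| unlikely ((size_t)(addr - data->d_buf) > data->d_size - size))': the cast is written without a space, while the surrounding code puts a space before every opening parenthesis, so '(size_t) (addr - data->d_buf)' would match. Separately, a zero 'size' with 'addr' exactly at 'data->d_buf + data->d_size' still passes both new conditions; if a one-past-the-end address is meant to be valid for empty ranges, say so in a comment.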
--
2.8.1.windows.1



[PATCH 2/2 v2] Generalize cu_sec_idx

2017-12-08 Thread Ulf Hermann

Apparently CUs can appear in other sections than IDX_debug_info and
IDX_types. Rather than relying on the indirect indication provided by
type_offset we compare the addresses directly to figure out which section
a given CU belongs to.

This fixes the dwarf-getmacros test.

(Signed-off instead of Change-Id ...)

Signed-off-by: Ulf Hermann 
---
 libdw/ChangeLog |  4 
 libdw/libdwP.h  | 12 +++-
 2 files changed, 15 insertions(+), 1 deletion(-)

diff --git a/libdw/ChangeLog b/libdw/ChangeLog
index 996cd2e..508bf9c 100644
--- a/libdw/ChangeLog
+++ b/libdw/ChangeLog
@@ -1,3 +1,7 @@
+2017-12-08  Ulf Hermann  
+
+   * libdwP.h: Generalize cu_sec_idx to check all sections.
+
 2017-05-09  Ulf Hermann  
  	* libdwP.h: Fix check for the upper border of the range in 
__libdw_in_section.
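Review bot: the context line for the 2017-05-09 entry is split across two lines ('... of the range in' and '__libdw_in_section.'), which suggests the mailer wrapped the patch. A wrapped context line will not match the file, so this hunk may not apply with 'git am'; resending with 'git send-email' or as an attachment avoids that.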

diff --git a/libdw/libdwP.h b/libdw/libdwP.h
index e092d8e..8f3a95c 100644
--- a/libdw/libdwP.h
+++ b/libdw/libdwP.h
@@ -715,7 +715,17 @@ __libdw_read_offset (Dwarf *dbg, Dwarf *dbg_ret,
 static inline size_t
 cu_sec_idx (struct Dwarf_CU *cu)
 {
-  return cu->type_offset == 0 ? IDX_debug_info : IDX_debug_types;
+  for (int sec_index = IDX_debug_info; sec_index < IDX_last; ++sec_index)
+{
+  Elf_Data *data = cu->dbg->sectiondata[sec_index];
+  if (data != NULL && data->d_buf != NULL
+  && cu->startp >= data->d_buf
+  && cu->startp < data->d_buf + data->d_size)
+{
+  return sec_index;
+}
+}
+  return IDX_last;
 }
  static inline bool
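Review bot: the added loop walks every section from IDX_debug_info up to IDX_last on each call, where the removed line was a single comparison, and cu_sec_idx is a 'static inline' helper that may be called on hot paths. Since the section a CU lives in does not change, consider computing the index once when the CU is created and storing it in 'struct Dwarf_CU'. Smaller points in the same lines: the loop variable is 'int' while the function returns 'size_t', and the braces around the single 'return sec_index;' are unnecessary.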
--
2.8.1.windows.1