[PATCH] readelf: Return correct readp (or readendp) from print_form_data.
print_form_data returns the new readp (or readendp on error) to show how
much data was consumed. But when reading the .debug_str_offsets section
we would reuse readp and readendp. This meant the wrong readp would be
returned to the caller.
Signed-off-by: Mark Wielaard
---
src/ChangeLog | 5 +
src/readelf.c | 10 +-
2 files changed, 10 insertions(+), 5 deletions(-)
diff --git a/src/ChangeLog b/src/ChangeLog
index 6484b9a..fd45405 100644
--- a/src/ChangeLog
+++ b/src/ChangeLog
@@ -1,3 +1,8 @@
+2018-06-11 Mark Wielaard
+
+ * readelf.c (print_form_data): Don't reuse readp and readendp when
+ reading str_offsets section.
+
2018-06-10 Mark Wielaard
* readelf.c (print_form_data): Don't cast value to ptrdiff_t, cast
diff --git a/src/readelf.c b/src/readelf.c
index fbda6c1..f185897 100644
--- a/src/readelf.c
+++ b/src/readelf.c
@@ -7986,17 +7986,17 @@ print_form_data (Dwarf *dbg, int form, const unsigned
char *readp,
str = "???";
else
{
- readp = data->d_buf + str_offsets_base + val;
- readendp = data->d_buf + data->d_size;
- if ((size_t) (readendp - readp) < offset_len)
+ const unsigned char *strreadp = data->d_buf + str_offsets_base + val;
+ const unsigned char *strreadendp = data->d_buf + data->d_size;
+ if ((size_t) (strreadendp - strreadp) < offset_len)
str = "???";
else
{
Dwarf_Off idx;
if (offset_len == 8)
- idx = read_8ubyte_unaligned_inc (dbg, readp);
+ idx = read_8ubyte_unaligned_inc (dbg, strreadp);
else
- idx = read_4ubyte_unaligned_inc (dbg, readp);
+ idx = read_4ubyte_unaligned_inc (dbg, strreadp);
data = dbg->sectiondata[IDX_debug_str];
if (data == NULL || idx >= data->d_size
--
1.8.3.1
[PATCH] Prepare for 0.172.
It has been only 10 days since the previous release and there are
no functional changes compared to 0.171. The speedup of eu-readelf -N
is pretty nice. And ~25 patches fix various bugs (hangs and crashes)
in dealing with bad DWARF5 data. Most have been found by running the
afl fuzzer on eu-readelf and various testcases.
Signed-off-by: Mark Wielaard
---
ChangeLog | 5 +
NEWS| 9 +
config/ChangeLog| 4 +
config/elfutils.spec.in | 7 +
configure.ac| 2 +-
po/ChangeLog| 4 +
po/de.po| 894 +++
po/es.po| 908 +++
po/ja.po| 902 +++
po/pl.po| 910
po/uk.po| 910
11 files changed, 2289 insertions(+), 2266 deletions(-)
diff --git a/ChangeLog b/ChangeLog
index 7ac55ed..696f31e 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,8 @@
+2018-06-11 Mark Wielaard
+
+ * configure.ac: Set version to 0.172.
+ * NEWS: Mention bug fixes.
+
2018-06-01 Mark Wielaard
* configure.ac: Set version to 0.171.
diff --git a/NEWS b/NEWS
index e84ded5..2b7f442 100644
--- a/NEWS
+++ b/NEWS
@@ -1,3 +1,12 @@
+Version 0.172
+
+No functional changes compared to 0.171.
+
+Various bug fixes in libdw and eu-readelf dealing with bad DWARF5 data.
+Thanks to running the afl fuzzer on eu-readelf and various testcases.
+
+eu-readelf -N is ~15% faster.
+
Version 0.171
DWARF5 and split dwarf, including GNU DebugFission, are supported now.
diff --git a/config/ChangeLog b/config/ChangeLog
index 5b3d83e..0e9cc28 100644
--- a/config/ChangeLog
+++ b/config/ChangeLog
@@ -1,3 +1,7 @@
+2018-06-11 Mark Wielaard
+
+ * elfutils.spec.in: Update for 0.172.
+
2018-06-01 Mark Wielaard
* elfutils.spec.in: Update for 0.171.
diff --git a/config/elfutils.spec.in b/config/elfutils.spec.in
index 4c49a14..8e41f46 100644
--- a/config/elfutils.spec.in
+++ b/config/elfutils.spec.in
@@ -227,6 +227,13 @@ rm -rf ${RPM_BUILD_ROOT}
%{_sysctldir}/10-default-yama-scope.conf
%changelog
+* Mon Jun 11 2018 Mark Wielaard 0.172-1
+- No functional changes compared to 0.171.
+- Various bug fixes in libdw and eu-readelf dealing with bad DWARF5
+ data. Thanks to running the afl fuzzer on eu-readelf and various
+ testcases.
+- eu-readelf -N is ~15% faster.
+
* Fri Jun 01 2018 Mark Wielaard 0.171-1
- DWARF5 and split dwarf, including GNU DebugFission, support.
- readelf: Handle all new DWARF5 sections.
diff --git a/configure.ac b/configure.ac
index 183ffb5..0ee16df 100644
--- a/configure.ac
+++ b/configure.ac
@@ -17,7 +17,7 @@ dnl GNU General Public License for more details.
dnl
dnl You should have received a copy of the GNU General Public License
dnl along with this program. If not, see
Re: [PATCH] libdw: Break long or circular DIE ref chains in dwarf_[has]attr_integrate.
On Sun, 2018-06-10 at 17:01 +0200, Mark Wielaard wrote: > Bad DWARF could create a very long or circular DIE ref chain by linking > DW_AT_abstract_origin or DW_AT_specification to the DIE itself. Break > the chain after seeing a large number (16) of DIEs. Pushed to master.
Re: [PATCH] readelf: Fix bounds check in print_form_data.
On Mon, 2018-06-11 at 02:18 +0200, Mark Wielaard wrote: > The afl fuzzer found that we did a wrong check in print_form_data when > comparing the remaining bytes in the buffer to an (unsigned) value read. > We were casting the value to ptrdiff_t which is a signed value and so > might turn a really big unsigned value into a negative number. Since we > know the difference between readendp and readp is zero or greater, we > should cast the pointer difference to size_t (and unsigned type) instead > before comparing with the unsigned value. Pushed to master
Re: [PATCH] readelf: Return correct readp (or readendp) from print_form_data.
On Mon, Jun 11, 2018 at 11:33:14AM +0200, Mark Wielaard wrote: > print_form_data returns the new readp (or readendp on error) to show how > much data was consumed. But when reading the .debug_str_offsets section > we would reuse readp and readendp. This meant the wrong readp would be > returned to the caller. Pushed to master.
elfutils 0.172 released
ELFUTILS 0.172 - http://elfutils.org/ A new release of elfutils is available at: ftp://sourceware.org/pub/elfutils/0.172/ or https://sourceware.org/elfutils/ftp/0.172/ * NEWS * No functional changes compared to 0.171. Various bug fixes in libdw and eu-readelf dealing with bad DWARF5 data. Thanks to running the afl fuzzer on eu-readelf and various testcases. eu-readelf -N is ~15% faster. * GIT SHORTLOG * Mark Wielaard (31): tests: Drop shared libraries from self_test_files_exe. readelf: Call __fsetlocking (stdout, FSETLOCKING_BYCALLER). readelf: Lookup gettext "yes" and "no" only once. readelf: Don't allocate string with asprintf, but reuse buffer with sprintf. readelf: Lookup "no" translation for no_str, not "yes". libdwfl: Make __libdwfl_addrsym a static function in dwfl_module_addrsym.c readelf: Make room for DW_MACRO_hi_user opcode if used. libdw: Make sure id_path can contain max number of build id bytes. readelf: Don't leak lengths array when detecting an invalid hash chain. libdw: Make sure dirarray is always properly freed in dwarf_getsrclines. libdw: Don't leak arange if we cannot figure out which CU it belongs. readelf: Set begin properly for DW_LLE_GNU_start_end_entry on addrx failure. readelf: Always initialize .debug_addr unit_length, even without header. libdw: Explicitly check we could decode diridx in dwarf_getsrclines. tests: Use error, not assert, when trying to print a non-base type DIE. libdw: Report error in dwarf_getlocation_die for bogus opcode offset. libdw: Check DIE address fall inside the CU before reading abbrev. libdw: Make sure that address_size and offset_size are 4 or 8 bytes. readelf: Turn format_print_dwarf into print_dwarf_addr. libdw: Return an error in dwarf_getlocation_attr for missing .debug_addr. readelf, libdw: Handle too many directories or files in the line table better. tests: Fix cfi_debug_bias assert in varlocs. libdw: Detect bad DWARF in store_implicit_value. libdw: dwarf_get_units should handle existing failure to open Dwarf. libdw: Check validity of dwarf_getabbrev arguments. tests: Don't assert on bad DW_OP_GNU_parameter_ref target in varlocs. readelf: Calculate max_entries instead of needed bytes (and overflowing). libdw: Break long or circular DIE ref chains in dwarf_[has]attr_integrate. readelf: Fix bounds check in print_form_data. readelf: Return correct readp (or readendp) from print_form_data. Prepare for 0.172. signature.asc Description: This is a digitally signed message part
