Re: [PATCH] readelf: Calculate max_entries instead of needed bytes (and overflowing).

On Fri, 2018-06-08 at 23:33 +0200, Mark Wielaard wrote: > The afl fuzzer found that we would overflow the needed bytes when > calculating how many index entries would fit in the .debug_loclists > and .debug_rnglists tables. To fix this just calculate the max number > of entries. If the offset entry

Re: [PATCH] tests: Don't assert on bad DW_OP_GNU_parameter_ref target in varlocs.

On Fri, 2018-06-08 at 21:18 +0200, Mark Wielaard wrote: > If the target of a DW_OP_GNU_parameter_ref isn't a DW_TAG_formal_parameter > that is bad data (which varlocs should error on). But it isn't an internal > consistency check (for which varlocs should assert). Pushed to master.

Re: [PATCH] libdw: Check validity of dwarf_getabbrev arguments.

On Fri, 2018-06-08 at 20:47 +0200, Mark Wielaard wrote: > When the given Dwarf_Die was invalid we might crash and when the offset > was totally bogus we might succeed with a random abbrev. Pushed to master.

Re: [PATCH] libdw: dwarf_get_units should handle existing failure to open Dwarf.

On Fri, 2018-06-08 at 20:45 +0200, Mark Wielaard wrote: > The other dwarf unit/cu iterators handle a NULL Dwarf handle as an > existing error and return NULL. Don't crash. Pushed to master.

[PATCH] readelf: Fix bounds check in print_form_data.

The afl fuzzer found that we did a wrong check in print_form_data when comparing the remaining bytes in the buffer to an (unsigned) value read. We were casting the value to ptrdiff_t which is a signed value and so might turn a really big unsigned value into a negative number. Since we know the diff

Re: [PATCH] libdw: Detect bad DWARF in store_implicit_value.

On Fri, Jun 08, 2018 at 04:18:58PM +0200, Mark Wielaard wrote: > The afl fuzzer running against the varlocs test detected we didn't report > the value block of a DW_OP_implicit_value consistently when the DWARF was > bad. Although this doesn't cause a crash it might result in consumers > using dwar

Re: [PATCH] tests: Fix cfi_debug_bias assert in varlocs.

On Fri, Jun 08, 2018 at 04:06:55PM +0200, Mark Wielaard wrote: > It is only a consistency issue if we actually have an cfi_debug and the > cfi_debug_bias is not zero (because they come from the same file as the > other debug data). Pushed to master.

Re: [PATCH] readelf, libdw: Handle too many directories or files in the line table better.

On Fri, Jun 08, 2018 at 04:06:29PM +0200, Mark Wielaard wrote: > The afl fuzzer found that the way we handle "too many" directories or files > in the (DWARF5 style) line table badly. In the case of eu-readelf we would > print an endless stream of "bad directory" or "bad file". Just stop printing >

[PATCH] libdw: Break long or circular DIE ref chains in dwarf_[has]attr_integrate.

Bad DWARF could create a very long or circular DIE ref chain by linking DW_AT_abstract_origin or DW_AT_specification to the DIE itself. Break the chain after seeing a large number (16) of DIEs. Signed-off-by: Mark Wielaard --- libdw/ChangeLog | 6 ++ libdw/dwarf_attr_integrat

Re: [PATCH] libdw: Return an error in dwarf_getlocation_attr for missing .debug_addr.

On Fri, 2018-06-08 at 11:55 +0200, Mark Wielaard wrote: > When constructing a "fake" Dwarf_Attribute for DW_OP_GNU_const_index, > DW_OP_constx, DW_OP_GNU_addr_index or DW_OP_addrx, we would create a > fake attribute pointing to the actual data in the .debug_addr section. > > We would even do that