This is the mail archive of the archer@sourceware.org mailing list for the Archer project.



[delayed-symfile] handle incorrect aranges


I'm checking this in on the delayed-symfile branch.

Jan, I think you probably ought to merge this.

It turns out that older versions of GCC could generate a bogus
.debug_aranges section.  E.g., I have an oldish library that has:

    Contents of the .debug_aranges section:

      Length:                   1516
      Version:                  2
      Offset into .debug_info:  0x0
      Pointer Size:             8
      Segment Size:             0

        Address            Length
        0000000000000000 0000000000000000 
        000000000004f730 0000000000000008 
        000000000004f740 0000000000000008 
    [...]

This is bogus because a (0,0) entry marks the end of the section.

The bug is that a section like this would cause gdb to hang.

This patch adds some more sanity checking while we read .debug_aranges.
If anything is amiss, we just discard what we've read and return.  This
is safe, it just means we're falling back to the old, slow path.

Tom

2009-08-13  Tom Tromey  <tromey@redhat.com>

	* dwarf2read.c (dwarf2_create_quick_addrmap): Sanity-check aranges
	section.

diff --git a/gdb/dwarf2read.c b/gdb/dwarf2read.c
index 69328f4..2272259 100644
--- a/gdb/dwarf2read.c
+++ b/gdb/dwarf2read.c
@@ -1421,9 +1421,21 @@ dwarf2_create_quick_addrmap (struct objfile *objfile)
       unsigned int bytes_read, segment_size, delta;
       LONGEST info_offset;
       struct dwarf2_cu cu;
+      char *end_ptr;
 
       cu_header.initial_length_size = 0;
+      end_ptr = aranges_ptr;
       aranges_ptr = read_comp_unit_head (&cu_header, aranges_ptr, abfd);
+      end_ptr += cu_header.initial_length_size + cu_header.length;
+
+      /* Sanity check.  */
+      if (end_ptr - aranges_ptr >= dwarf2_per_objfile->aranges.size)
+	{
+	  do_cleanups (old);
+	  complaint (&symfile_complaints,
+		     _("aranges entry runs off end of `.debug_aranges' section, ignored"));
+	  return;
+	}
 
       segment_size = read_1_byte (abfd, aranges_ptr);
       aranges_ptr += 1;
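Review bot: the bounds check `if (end_ptr - aranges_ptr >= dwarf2_per_objfile->aranges.size)` compares this entry's body length against the whole section size rather than against the bytes remaining in the section, so a second or later entry whose `cu_header.length` overshoots the section end while staying smaller than the total size still passes and the tuple reads that follow run off the buffer. Compare `end_ptr` against the section's end (start of the section buffer plus `aranges.size`) instead, and since `end_ptr += cu_header.initial_length_size + cu_header.length` is computed from the unchecked length before the test, do the comparison on the remaining byte count rather than on a pointer that may already have been advanced past the end.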
@@ -1454,6 +1466,18 @@ dwarf2_create_quick_addrmap (struct objfile *objfile)
 
 	  addrmap_set_empty (mutable_map, address, address + length, objfile);
 	}
+
+      /* Some older versions of GCC incorrectly started the arange
+	 with a (0,0) pair.  If we encounter any oddity while reading
+	 the section, just abandon the attempt; falling back to the
+	 slower code is always safe.  */
+      if (aranges_ptr != end_ptr)
+	{
+	  do_cleanups (old);
+	  complaint (&symfile_complaints,
+		     _("aranges entry ends early, ignored"));
+	  return;
+	}
     }
 
   objfile->quick_addrmap = addrmap_create_fixed (mutable_map,
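Review bot: the post-loop check `if (aranges_ptr != end_ptr)` catches the leading (0,0) case described in the comment, but only after the tuple loop has run; the loop condition is not part of this hunk, and if it terminates solely on a (0,0) pair, an entry with no terminator keeps reading past `end_ptr` (and potentially past the section) before this check is reached. Bound the loop on `aranges_ptr < end_ptr` as well and treat leaving it without having seen a terminator as the same "ends early" complaint. The comment could also state why a leading (0,0) pair is a problem: it is the terminator of the entry's tuple list, so the loop stops at once and `aranges_ptr` is left short of `end_ptr`.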


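The (0,0)-terminated tuple list and the two checks the patch adds, as an added example that is not the patch's or GDB's code: a small stand-alone reader for a constructed .debug_aranges section with 8-byte addresses, rejecting an entry that runs off the section and one that ends early because of GCC's bogus leading (0,0) pair. `parse_aranges` and `parse_constructed` are assumed names, and the test data is constructed here.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>
/* Added example, not GDB's code: a minimal reader for one or more
   32-bit-DWARF .debug_aranges sets (8-byte addresses, host byte order)
   that applies the two checks the patch introduces.  Returns the number
   of real (address, length) tuples, or -1 if the section is malformed.  */
static uint32_t rd32(const uint8_t *p) { uint32_t v; memcpy(&v, p, 4); return v; }
static uint64_t rd64(const uint8_t *p) { uint64_t v; memcpy(&v, p, 8); return v; }

int parse_aranges(const uint8_t *buf, size_t size)
{
    const uint8_t *p = buf, *end = buf + size;
    int pairs = 0;
    while (p < end) {
        /* Header: unit_length(4) version(2) info_offset(4) addr_size(1) seg_size(1). */
        if ((size_t)(end - p) < 12) return -1;
        uint32_t length = rd32(p);
        /* "Runs off end": compare against the bytes left, not the total size. */
        if (length > (size_t)(end - p) - 4) return -1;
        const uint8_t *set_end = p + 4 + length;        /* end_ptr in the patch */
        if (p[10] != 8 || p[11] != 0) return -1;        /* 8-byte, unsegmented only */
        p += 12;
        while ((p - buf) % 16 && p < set_end) p++;      /* tuples are 16-byte aligned */
        int terminated = 0;
        while (p + 16 <= set_end) {
            uint64_t addr = rd64(p), len = rd64(p + 8);
            p += 16;
            if (addr == 0 && len == 0) { terminated = 1; break; }  /* (0,0) ends the set */
            pairs++;
        }
        /* Old GCC's leading (0,0) stops the loop early; a missing terminator is bad too. */
        if (!terminated || p != set_end) return -1;
    }
    return pairs;
}

/* Constructed driver: one set with the two tuples from the mail plus the
   terminator, optionally preceded by GCC's bogus (0,0); unit_length 60 is correct.  */
int parse_constructed(uint32_t unit_length, int bogus_leading_zero)
{
    uint8_t buf[64] = {0};
    uint64_t tuples[6] = {0x4f730, 8, 0x4f740, 8, 0, 0};
    if (bogus_leading_zero) { memmove(tuples + 2, tuples, 32); tuples[0] = tuples[1] = 0; }
    memcpy(buf, &unit_length, 4);
    buf[4] = 2; buf[10] = 8;          /* version 2, 8-byte addresses, no segments */
    memcpy(buf + 16, tuples, 48);     /* tuples start at the 16-byte boundary */
    return parse_aranges(buf, sizeof buf);
}
```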