This is the mail archive of the
gdb-patches@sourceware.org
mailing list for the GDB project.
[PATCH][h8300, mt, tilegx, xstormy16] Replace unsafe alloca calls with xmalloc
- From: Siddhesh Poyarekar <siddhesh at redhat dot com>
- To: gdb-patches at sourceware dot org
- Date: Tue, 21 Aug 2012 19:03:21 +0530
- Subject: [PATCH][h8300, mt, tilegx, xstormy16] Replace unsafe alloca calls with xmalloc
Hi,
Here are more fixes to unsafe use of alloca in gdb for the targets
mentioned in the subject line. Like my earlier commit:
http://sourceware.org/ml/gdb-cvs/2012-07/msg00044.html
I have replaced potentially unsafe allocations on stack with
xmalloc/cleanup replacements. I have also moved value_contents calls in
those functions to before the xmalloc to ensure that the type sizes fit
into the host memory. This of course will come into play once the
changes in my earlier patch (still WIP):
http://sourceware.org/ml/gdb-patches/2012-08/msg00476.html
is committed. Until then, the value_contents change does not make any
difference.
I have only done a build test on x86_64 with --enable-targets=all to
make sure that the changes compile. I don't have a way to run the
testsuite to verify that this does not introduce any regressions.
Regards,
Siddhesh
gdb/ChangeLog:
* h8300-tdep.c (h8300_push_dummy_call): Replace unsafe alloca
with xmalloc/cleanup.
* mt-tdep.c (mt_push_dummy_call): Likewise.
* tilegx-tdep.c (tilegx_push_dummy_call): Likewise.
* xstormy16-tdep.c (xstormy16_push_dummy_call): Likewise.
? unsafe-alloca.patch
Index: gdb/h8300-tdep.c
===================================================================
RCS file: /cvs/src/src/gdb/h8300-tdep.c,v
retrieving revision 1.133
diff -u -r1.133 h8300-tdep.c
--- gdb/h8300-tdep.c 18 May 2012 21:02:47 -0000 1.133
+++ gdb/h8300-tdep.c 21 Aug 2012 13:20:50 -0000
@@ -666,13 +666,15 @@
for (argument = 0; argument < nargs; argument++)
{
+ struct cleanup *back_to;
struct type *type = value_type (args[argument]);
int len = TYPE_LENGTH (type);
char *contents = (char *) value_contents (args[argument]);
/* Pad the argument appropriately. */
int padded_len = align_up (len, wordsize);
- gdb_byte *padded = alloca (padded_len);
+ gdb_byte *padded = xmalloc (padded_len);
+ back_to = make_cleanup (xfree, padded);
memset (padded, 0, padded_len);
memcpy (len < wordsize ? padded + padded_len - len : padded,
@@ -720,6 +722,8 @@
subsequent arguments go on the stack. */
reg = E_ARGLAST_REGNUM + 1;
}
+
+ do_cleanups (back_to);
}
/* Store return address. */
Index: gdb/mt-tdep.c
===================================================================
RCS file: /cvs/src/src/gdb/mt-tdep.c,v
retrieving revision 1.40
diff -u -r1.40 mt-tdep.c
--- gdb/mt-tdep.c 16 May 2012 14:35:06 -0000 1.40
+++ gdb/mt-tdep.c 21 Aug 2012 13:20:50 -0000
@@ -845,16 +845,20 @@
for (j = nargs - 1; j >= i; j--)
{
gdb_byte *val;
+ struct cleanup *back_to;
+ const gdb_byte *contents = value_contents (args[j]);
/* Right-justify the value in an aligned-length buffer. */
typelen = TYPE_LENGTH (value_type (args[j]));
slacklen = (wordsize - (typelen % wordsize)) % wordsize;
- val = alloca (typelen + slacklen);
- memcpy (val, value_contents (args[j]), typelen);
+ val = xmalloc (typelen + slacklen);
+ back_to = make_cleanup (xfree, val);
+ memcpy (val, contents, typelen);
memset (val + typelen, 0, slacklen);
/* Now write this data to the stack. */
stack_dest -= typelen + slacklen;
write_memory (stack_dest, val, typelen + slacklen);
+ do_cleanups (back_to);
}
/* Finally, if a param needs to be split between registers and stack,
Index: gdb/tilegx-tdep.c
===================================================================
RCS file: /cvs/src/src/gdb/tilegx-tdep.c,v
retrieving revision 1.1
diff -u -r1.1 tilegx-tdep.c
--- gdb/tilegx-tdep.c 30 May 2012 19:31:44 -0000 1.1
+++ gdb/tilegx-tdep.c 21 Aug 2012 13:20:51 -0000
@@ -343,16 +343,20 @@
for (j = nargs - 1; j >= i; j--)
{
gdb_byte *val;
+ struct cleanup *back_to;
+ const gdb_byte *contents = value_contents (args[j]);
typelen = TYPE_LENGTH (value_enclosing_type (args[j]));
slacklen = ((typelen + 3) & (~3)) - typelen;
- val = alloca (typelen + slacklen);
- memcpy (val, value_contents (args[j]), typelen);
+ val = xmalloc (typelen + slacklen);
+ back_to = make_cleanup (xfree, val);
+ memcpy (val, contents, typelen);
memset (val + typelen, 0, slacklen);
/* Now write data to the stack. The stack grows downwards. */
stack_dest -= typelen + slacklen;
write_memory (stack_dest, val, typelen + slacklen);
+ do_cleanups (back_to);
}
/* Add 2 words for linkage space to the stack. */
Index: gdb/xstormy16-tdep.c
===================================================================
RCS file: /cvs/src/src/gdb/xstormy16-tdep.c,v
retrieving revision 1.118
diff -u -r1.118 xstormy16-tdep.c
--- gdb/xstormy16-tdep.c 16 May 2012 14:35:08 -0000 1.118
+++ gdb/xstormy16-tdep.c 21 Aug 2012 13:20:51 -0000
@@ -279,16 +279,20 @@
for (j = nargs - 1; j >= i; j--)
{
char *val;
+ struct cleanup *back_to;
+ const gdb_byte *bytes = value_contents (args[j]);
typelen = TYPE_LENGTH (value_enclosing_type (args[j]));
slacklen = typelen & 1;
- val = alloca (typelen + slacklen);
- memcpy (val, value_contents (args[j]), typelen);
+ val = xmalloc (typelen + slacklen);
+ back_to = make_cleanup (xfree, val);
+ memcpy (val, bytes, typelen);
memset (val + typelen, 0, slacklen);
/* Now write this data to the stack. The stack grows upwards. */
write_memory (stack_dest, val, typelen + slacklen);
stack_dest += typelen + slacklen;
+ do_cleanups (back_to);
}
store_unsigned_integer (buf, xstormy16_pc_size, byte_order, bp_addr);