This is the mail archive of the gdb-patches@sourceware.org mailing list for the GDB project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: [PATCH 2/3] bitpos: Additional checks to ensure that a type fits into size_t


Hi,

This is the updated patch based on Jan's suggestions for change. I have
not consolidated the error messages for the argument overflow and the
generic size_t overflows (or more accurately, size_t/8 overflow)
because the error text is different.

It builds correctly and does not cause regressions in the testsuite.

Regards,
Siddhesh

gdb/ChangeLog

2012-08-11  Siddhesh Poyarekar  <siddhesh@redhat.com>

	* alpha-tdep.c (alpha_push_dummy_call) Ensure that ARG_TYPE fits
	into size_t.  Check for overflow in ACCUMULATE_SIZE.
	* avr-tdep.c (avr_push_dummy_call): Ensure TYPE fits into
	size_t.
	* cp-valprint (cp_print_value): Ensure BASECLASS fits into
	size_t.
	* cris-tdep.c (cris_push_dummy_call): Ensure that arguments fit
	into size_t.
	* findcmd.c (parse_find_args): Ensure type of V fits into
	size_t.
	* gdbtypes.c (type_fits_size_t_or_error): New function that
	throws an error if a type length is larger than size_t / 8.
	* gdbtypes.h (type_fits_size_t_or_error): Likewise.
	* h8300-tdep.c (h8300_push_dummy_call): Ensure TYPE fits into
	size_t.
	(h8300h_return_value): Likewise.
	* m88k-tdep.c (m88k_store_arguments): Likewise.
	* p-valprint (pascal_object_print_value): Ensure BASECLASS fits
	into size_t.
	* sh-tdep.c (sh_push_dummy_call_fpu): Expand REG_SIZE.  Ensure
	TYPE fits into size_t.
	(sh_push_dummy_call_nofpu): Likewise.
	* valops.c (search_struct_method): Ensure BASECLASS fits into
	size_t.
	* value.c (allocate_value_lazy): Ensure TYPE fits into size_t.
	(allocate_value_contents): Likewise.
	(set_value_enclosing_type): Ensure NEW_ENCL_TYPE fits into
	size_t.
	* xstormy16-tdep.c (xstormy16_push_dummy_call): Ensure that each
	argument fits into size_t.

diff --git a/gdb/alpha-tdep.c b/gdb/alpha-tdep.c
index 7a6f38d..59ef631 100644
--- a/gdb/alpha-tdep.c
+++ b/gdb/alpha-tdep.c
@@ -397,9 +397,17 @@ alpha_push_dummy_call (struct gdbarch *gdbarch, struct value *function,
 	default:
 	  break;
 	}
+      type_fits_size_t_or_error (arg_type);
       m_arg->len = TYPE_LENGTH (arg_type);
       m_arg->offset = accumulate_size;
       accumulate_size = (accumulate_size + m_arg->len + 7) & ~7;
+
+      /* Check for overflow.  */
+      if (accumulate_size < 0)
+        error (_("Insufficient memory in GDB host for arguments, "
+		 "only %s bytes available."),
+	       plongest (SIZE_MAX / 2));
+
       m_arg->contents = value_contents (arg);
     }
 
diff --git a/gdb/avr-tdep.c b/gdb/avr-tdep.c
index b9a660a..aaac6f6 100644
--- a/gdb/avr-tdep.c
+++ b/gdb/avr-tdep.c
@@ -1295,6 +1295,7 @@ avr_push_dummy_call (struct gdbarch *gdbarch, struct value *function,
       else
         {
           /* From here on, we don't care about regnum.  */
+	  type_fits_size_t_or_error (type);
           si = push_stack_item (si, contents, len);
         }
     }
diff --git a/gdb/cp-valprint.c b/gdb/cp-valprint.c
index 8bc329e..223c2fb 100644
--- a/gdb/cp-valprint.c
+++ b/gdb/cp-valprint.c
@@ -558,6 +558,8 @@ cp_print_value (struct type *type, struct type *real_type,
 		  gdb_byte *buf;
 		  struct cleanup *back_to;
 
+		  type_fits_size_t_or_error (baseclass);
+
 		  buf = xmalloc (TYPE_LENGTH (baseclass));
 		  back_to = make_cleanup (xfree, buf);
 
diff --git a/gdb/cris-tdep.c b/gdb/cris-tdep.c
index abbcbf1..dd6a762 100644
--- a/gdb/cris-tdep.c
+++ b/gdb/cris-tdep.c
@@ -896,6 +896,7 @@ cris_push_dummy_call (struct gdbarch *gdbarch, struct value *function,
 	  /* Data passed by reference.  Push copy of data onto stack
 	     and pass pointer to this copy as argument.  */
 	  sp = (sp - len) & ~3;
+	  type_fits_size_t_or_error (value_type (args[argnum]));
 	  write_memory (sp, val, len);
 
 	  if (argreg <= ARG4_REGNUM)
@@ -914,7 +915,8 @@ cris_push_dummy_call (struct gdbarch *gdbarch, struct value *function,
         {
           /* Data passed by value.  No available registers.  Put it on
              the stack.  */
-	   si = push_stack_item (si, val, len);
+	  type_fits_size_t_or_error (value_type (args[argnum]));
+	  si = push_stack_item (si, val, len);
         }
     }
 
diff --git a/gdb/findcmd.c b/gdb/findcmd.c
index 0445e4c..36622a1 100644
--- a/gdb/findcmd.c
+++ b/gdb/findcmd.c
@@ -215,6 +215,7 @@ parse_find_args (char *args, ULONGEST *max_countp,
 	}
       else
 	{
+	  type_fits_size_t_or_error (value_type (v));
 	  memcpy (pattern_buf_end, value_contents (v), val_bytes);
 	  pattern_buf_end += val_bytes;
 	}
diff --git a/gdb/gdbtypes.c b/gdb/gdbtypes.c
index 9479098..544b1c6 100644
--- a/gdb/gdbtypes.c
+++ b/gdb/gdbtypes.c
@@ -1406,6 +1406,17 @@ lookup_struct_elt_type (struct type *type, char *name, int noerr)
   error (_("Type %s has no component named %s."), typename, name);
 }
 
+/* Ensure that the input TYPE is not larger than the maximum capacity of the
+   host system, i.e. size_t.  */
+void
+type_fits_size_t_or_error (const struct type *type)
+{
+  if (TYPE_LENGTH (type) > SIZE_MAX / 8)
+    error (_("Insufficient memory in host GDB for object of size %s bytes, "
+	     "maximum allowed %s bytes."), plongest (TYPE_LENGTH (type)),
+	   plongest (SIZE_MAX / 8));
+}
+
 /* Lookup the vptr basetype/fieldno values for TYPE.
    If found store vptr_basetype in *BASETYPEP if non-NULL, and return
    vptr_fieldno.  Also, if found and basetype is from the same objfile,
diff --git a/gdb/gdbtypes.h b/gdb/gdbtypes.h
index a728210..d71cacd 100644
--- a/gdb/gdbtypes.h
+++ b/gdb/gdbtypes.h
@@ -1658,4 +1658,6 @@ extern struct type *copy_type_recursive (struct objfile *objfile,
 
 extern struct type *copy_type (const struct type *type);
 
+extern void type_fits_size_t_or_error (const struct type *type);
+
 #endif /* GDBTYPES_H */
diff --git a/gdb/h8300-tdep.c b/gdb/h8300-tdep.c
index ee5aa2d..45cbc63 100644
--- a/gdb/h8300-tdep.c
+++ b/gdb/h8300-tdep.c
@@ -672,8 +672,11 @@ h8300_push_dummy_call (struct gdbarch *gdbarch, struct value *function,
 
       /* Pad the argument appropriately.  */
       LONGEST padded_len = align_up (len, wordsize);
+
+      /* FIXME: This alloca could be dangerous.  */
       gdb_byte *padded = alloca (padded_len);
 
+      type_fits_size_t_or_error (type);
       memset (padded, 0, padded_len);
       memcpy (len < wordsize ? padded + padded_len - len : padded,
 	      contents, len);
@@ -925,6 +928,7 @@ h8300h_return_value (struct gdbarch *gdbarch, struct value *function,
 	  ULONGEST addr;
 
 	  regcache_raw_read_unsigned (regcache, E_R0_REGNUM, &addr);
+	  type_fits_size_t_or_error (type);
 	  read_memory (addr, readbuf, TYPE_LENGTH (type));
 	}
 
diff --git a/gdb/m88k-tdep.c b/gdb/m88k-tdep.c
index c990d6b..1d7991d 100644
--- a/gdb/m88k-tdep.c
+++ b/gdb/m88k-tdep.c
@@ -336,6 +336,8 @@ m88k_store_arguments (struct regcache *regcache, int nargs,
       if (stack_word % 2 == -1 && m88k_8_byte_align_p (type))
 	stack_word++;
 
+      type_fits_size_t_or_error (type);
+
       write_memory (sp + stack_word * 4, valbuf, len);
       num_stack_words = (stack_word + (len + 3) / 4);
     }
diff --git a/gdb/p-valprint.c b/gdb/p-valprint.c
index 2f9f60d..3293b6d 100644
--- a/gdb/p-valprint.c
+++ b/gdb/p-valprint.c
@@ -801,6 +801,7 @@ pascal_object_print_value (struct type *type, const gdb_byte *valaddr,
 	      gdb_byte *buf;
 	      struct cleanup *back_to;
 
+	      type_fits_size_t_or_error (baseclass);
 	      buf = xmalloc (TYPE_LENGTH (baseclass));
 	      back_to = make_cleanup (xfree, buf);
 
diff --git a/gdb/sh-tdep.c b/gdb/sh-tdep.c
index 00d7401..f1d8c6a 100644
--- a/gdb/sh-tdep.c
+++ b/gdb/sh-tdep.c
@@ -1068,7 +1068,7 @@ sh_push_dummy_call_fpu (struct gdbarch *gdbarch,
   CORE_ADDR regval;
   char *val;
   LONGEST len;
-  int reg_size = 0;
+  ssize_t reg_size = 0;
   int pass_on_stack = 0;
   int treat_as_flt;
   int last_reg_arg = INT_MAX;
@@ -1126,6 +1126,7 @@ sh_push_dummy_call_fpu (struct gdbarch *gdbarch,
 	                            || pass_on_stack))
 	      || argnum > last_reg_arg)
 	    {
+	      type_fits_size_t_or_error (type);
 	      /* The data goes entirely on the stack, 4-byte aligned.  */
 	      reg_size = (len + 3) & ~3;
 	      write_memory (sp + stack_offset, val, reg_size);
@@ -1210,7 +1211,7 @@ sh_push_dummy_call_nofpu (struct gdbarch *gdbarch,
   CORE_ADDR regval;
   char *val;
   LONGEST len;
-  int reg_size = 0;
+  ssize_t reg_size = 0;
   int pass_on_stack = 0;
   int last_reg_arg = INT_MAX;
 
@@ -1254,6 +1255,7 @@ sh_push_dummy_call_nofpu (struct gdbarch *gdbarch,
 	    {
 	      /* The remainder of the data goes entirely on the stack,
 	         4-byte aligned.  */
+	      type_fits_size_t_or_error (type);
 	      reg_size = (len + 3) & ~3;
 	      write_memory (sp + stack_offset, val, reg_size);
 	      stack_offset += reg_size;
diff --git a/gdb/valops.c b/gdb/valops.c
index 36fe229..0ecd77b 100644
--- a/gdb/valops.c
+++ b/gdb/valops.c
@@ -2288,6 +2288,7 @@ search_struct_method (const char *name, struct value **arg1p,
 	      struct cleanup *back_to;
 	      CORE_ADDR address;
 
+	      type_fits_size_t_or_error (baseclass);
 	      tmp = xmalloc (TYPE_LENGTH (baseclass));
 	      back_to = make_cleanup (xfree, tmp);
 	      address = value_address (*arg1p);
diff --git a/gdb/value.c b/gdb/value.c
index 3fddba0..8444cb7 100644
--- a/gdb/value.c
+++ b/gdb/value.c
@@ -662,6 +662,7 @@ allocate_value_lazy (struct type *type)
      description correctly.  */
   check_typedef (type);
 
+  type_fits_size_t_or_error (type);
   val = (struct value *) xzalloc (sizeof (struct value));
   val->contents = NULL;
   val->next = all_values;
@@ -693,6 +694,8 @@ allocate_value_lazy (struct type *type)
 void
 allocate_value_contents (struct value *val)
 {
+  type_fits_size_t_or_error (val->enclosing_type);
+
   if (!val->contents)
     val->contents = (gdb_byte *) xzalloc (TYPE_LENGTH (val->enclosing_type));
 }
@@ -2596,8 +2599,12 @@ void
 set_value_enclosing_type (struct value *val, struct type *new_encl_type)
 {
   if (TYPE_LENGTH (new_encl_type) > TYPE_LENGTH (value_enclosing_type (val))) 
-    val->contents =
-      (gdb_byte *) xrealloc (val->contents, TYPE_LENGTH (new_encl_type));
+    {
+      type_fits_size_t_or_error (new_encl_type);
+
+      val->contents =
+	(gdb_byte *) xrealloc (val->contents, TYPE_LENGTH (new_encl_type));
+    }
 
   val->enclosing_type = new_encl_type;
 }
diff --git a/gdb/xstormy16-tdep.c b/gdb/xstormy16-tdep.c
index d73e2d6..33d1e83 100644
--- a/gdb/xstormy16-tdep.c
+++ b/gdb/xstormy16-tdep.c
@@ -285,6 +285,9 @@ xstormy16_push_dummy_call (struct gdbarch *gdbarch,
 
       typelen = TYPE_LENGTH (value_enclosing_type (args[j]));
       slacklen = typelen & 1;
+      type_fits_size_t_or_error (value_enclosing_type (args[j]));
+
+      /* FIXME: This alloca is dangerous.  */
       val = alloca (typelen + slacklen);
       memcpy (val, value_contents (args[j]), typelen);
       memset (val + typelen, 0, slacklen);

Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]