This is the mail archive of the
gdb-prs@sourceware.org
mailing list for the GDB project.
[Bug gdb/11092] New: c_printstr in c-lang.c length parameter can overflow
- From: "pmuldoon at redhat dot com" <sourceware-bugzilla at sourceware dot org>
- To: gdb-prs at sourceware dot org
- Date: 15 Dec 2009 14:46:50 -0000
- Subject: [Bug gdb/11092] New: c_printstr in c-lang.c length parameter can overflow
- Reply-to: sourceware-bugzilla at sourceware dot org
I noticed this bug while working on another patch. Comments and documentation
refer to the c_printstr function allowing a length of -1. But the length
parameter in c_printstr is of type: unsigned int. There is logic in the
function to work with the length parameter being negative, so this just seems
like a regression. Supplying a length of -1 will overflow the unsigned int,
causing a very large length. This normally results in a SIGSEGV later in the
function.
--
Summary: c_printstr in c-lang.c length parameter can overflow
Product: gdb
Version: 7.0
Status: UNCONFIRMED
Severity: normal
Priority: P2
Component: gdb
AssignedTo: unassigned at sourceware dot org
ReportedBy: pmuldoon at redhat dot com
CC: gdb-prs at sourceware dot org
http://sourceware.org/bugzilla/show_bug.cgi?id=11092
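The failure mode the report describes, as an added example that is neither GDB's c_printstr nor part of the original message: a -1 "scan to the NUL" sentinel passed through an unsigned int parameter, beside a signed, bounds-checked form. The function names, the `length > 0` guard and the sample buffer are assumptions made for illustration.

```c
#include <limits.h>
#include <stdio.h>
#include <string.h>

/* Constructed sample: 6-byte buffer holding "gdb" and NUL padding. */
static const char sample[6] = "gdb";

/* Before (hypothetical): unsigned length. Returns the offset of the byte a
   trailing-NUL check would read. The "length > 0" guard was meant to skip
   the -1 sentinel, but -1 arrives as UINT_MAX and passes it. */
size_t last_offset_unsigned(unsigned int length)
{
    if (length > 0)
        return (size_t)length - 1;   /* s[UINT_MAX - 1]: far out of bounds */
    return 0;
}

/* After (hypothetical): signed length. The sentinel is resolved first and
   every other value is checked against the real buffer size. */
int resolve_length(const char *s, size_t bufsize, int length, size_t *out)
{
    if (length == -1) {
        const char *nul = memchr(s, '\0', bufsize);
        if (nul == NULL)
            return -1;               /* unterminated: refuse to scan on */
        *out = (size_t)(nul - s);
        return 0;
    }
    if (length < 0 || (size_t)length > bufsize)
        return -1;                   /* negative non-sentinel or too long */
    *out = (size_t)length;
    return 0;
}

int main(void)
{
    int len = -1;                    /* what the caller passes */
    size_t n = 0;

    printf("unsigned variant would read offset %zu of a %zu-byte buffer\n",
           last_offset_unsigned(len), sizeof sample);
    if (resolve_length(sample, sizeof sample, len, &n) == 0)
        printf("signed variant resolves -1 to %zu bytes\n", n);
    return 0;
}
```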