[PATCH] Fix possible buffer overflow bug in x86_64-tdep.c

[PATCH] Fix possible buffer overflow bug in x86_64-tdep.c

[Mark Kettenis]

The attached fixes a possible buffer overflow in
x86_64_store_return_value().

(Andreas, this was the bug I mentioned to you yesterday).

Andreas forgot to check in his origional patch on the 6.0 release
branch.  I'll do so shortly with this fix included.

Checked in.

Mark


Index: ChangeLog
from  Mark Kettenis  <kettenis@gnu.org>
 
	* x86-64-tdep.c (x86_64_store_return_value): Use an intermediate
	buffer when storing double and float varibles into %xmm0.

Index: x86-64-tdep.c
===================================================================
RCS file: /cvs/src/src/gdb/x86-64-tdep.c,v
retrieving revision 1.82
diff -u -p -r1.82 x86-64-tdep.c
--- x86-64-tdep.c 9 Jul 2003 22:10:58 -0000 1.82
+++ x86-64-tdep.c 13 Jul 2003 16:28:14 -0000
@@ -788,7 +788,7 @@ x86_64_store_return_value (struct type *
   else if (TYPE_CODE_FLT == TYPE_CODE (type))
     {
       /* Handle double and float variables.  */
-      regcache_cooked_write (regcache,  X86_64_XMM0_REGNUM, valbuf);
+      regcache_cooked_write_part (regcache, X86_64_XMM0_REGNUM, 0, len, buf);
     }
   /* XXX: What about complex floating point types?  */
   else

Re: [PATCH] Fix possible buffer overflow bug in x86_64-tdep.c

[Andreas Jaeger]

[-- Attachment #1: Type: text/plain, Size: 575 bytes --]

Mark Kettenis <kettenis@chello.nl> writes:

> The attached fixes a possible buffer overflow in
> x86_64_store_return_value().
>
> (Andreas, this was the bug I mentioned to you yesterday).

Looks fine to me - thanks!

> Andreas forgot to check in his origional patch on the 6.0 release
> branch.  I'll do so shortly with this fix included.

thanks a lot!

Andreas
-- 
 Andreas Jaeger, aj@suse.de, http://www.suse.de/~aj
  SuSE Linux AG, Deutschherrnstr. 15-19, 90429 Nürnberg, Germany
   GPG fingerprint = 93A3 365E CE47 B889 DF7F  FED1 389A 563C C272 A126

[-- Attachment #2: Type: application/pgp-signature, Size: 197 bytes --]

Re: [PATCH] Fix possible buffer overflow bug in x86_64-tdep.c

[Mark Kettenis]

   From: Andreas Jaeger <aj@suse.de>
   Date: Mon, 14 Jul 2003 10:55:06 +0200

   > Andreas forgot to check in his origional patch on the 6.0 release
   > branch.  I'll do so shortly with this fix included.

   thanks a lot!

Turns out you did check in things on the branch, but cvsweb wasn't
showing it.  I did commit my fix to the branch though.

Sorry for the confusion,

Mark

Re: [PATCH] Fix possible buffer overflow bug in x86_64-tdep.c

[Mark Kettenis]

I made a real mess of this.  Wrong code, wrong ChangeLog, fix with
empty log message.  Fixed things now and checked it in on the branch.
Here's what I checked in on the branch.  This is effectively what I
have checked in on mainline too.

Mark

Index: ChangeLog
from  Mark Kettenis  <kettenis@gnu.org>

	* x86-64-tdep.c (x86_64_store_return_value): Use
	regcache_cooked_write_part instead of regcache_cooked_write.

Index: x86-64-tdep.c
===================================================================
RCS file: /cvs/src/src/gdb/x86-64-tdep.c,v
retrieving revision 1.79.2.2
diff -u -p -r1.79.2.2 x86-64-tdep.c
--- x86-64-tdep.c 2 Jul 2003 07:46:40 -0000 1.79.2.2
+++ x86-64-tdep.c 13 Jul 2003 22:01:08 -0000
@@ -799,7 +799,8 @@ x86_64_store_return_value (struct type *
   else if (TYPE_CODE_FLT == TYPE_CODE (type))
     {
       /* Handle double and float variables.  */
-      regcache_cooked_write (regcache,  X86_64_XMM0_REGNUM, valbuf);
+      regcache_cooked_write_part (regcache, X86_64_XMM0_REGNUM,
+				  0, len, valbuf);
     }
   /* XXX: What about complex floating point types?  */
   else