Re: [patch] [gdbserver] Fix memory corruption

[Jan Kratochvil <jan.kratochvil@redhat.com>]

On Wed, 02 Mar 2011 19:00:45 +0100, Pedro Alves wrote:
> On Wednesday 02 March 2011 16:51:35, Jan Kratochvil wrote:
> > Before starting to chase off-by-one here and off-by-one there what is the
> > practical purpose of such strict packet limits?
> 
> The remote protocol is designed to be implementable in tiny chips as
> well, where you typically have a static buffer for the incoming packet
> buffer.  malloc is a luxury you don't have in many of those scenarios.
> So for outgoing packets, gdb needs to be careful about that.  For
> incoming packets, gdb dynamically grows the buffer as it finds its
> receiving larger packets.

But FSF gdbserver can receive arbitrarily large packets and allocate
everything dynamically.  It can also send arbitrarily large responses.
Thanks for the info, although for next updates, not this one.


> So I think your patch is indeed okay.
> I wouldn't mind a comment explaining the magic numbers, or replacing
> them with 'strlen ("$#NN")' like in remote.c:

Done.

Checked in.


Thanks,
Jan


http://sourceware.org/ml/gdb-cvs/2011-03/msg00106.html

--- src/gdb/gdbserver/ChangeLog	2011/03/06 07:40:52	1.465
+++ src/gdb/gdbserver/ChangeLog	2011/03/07 20:15:12	1.466
@@ -1,3 +1,7 @@
+2011-03-07  Jan Kratochvil  <jan.kratochvil@redhat.com>
+
+	* remote-utils.c (putpkt_binary_1): Calculate BUF2 size dynamically.
+
 2011-03-06  Yao Qi  <yao@codesourcery.com>
 
 	* Makefile.in (REQUIRED_SUBDIRS): Remove $(LIBCOMMON_DIR).
--- src/gdb/gdbserver/remote-utils.c	2011/01/25 10:09:19	1.84
+++ src/gdb/gdbserver/remote-utils.c	2011/03/07 20:15:12	1.85
@@ -725,7 +725,7 @@
   char *p;
   int cc;
 
-  buf2 = xmalloc (PBUFSIZ);
+  buf2 = xmalloc (strlen ("$") + cnt + strlen ("#nn") + 1);
 
   /* Copy the packet into buffer BUF2, encapsulating it
      and giving it a checksum.  */