Date: Mon, 07 Mar 2011 20:26:00 -0000
From: Jan Kratochvil
To: Pedro Alves
Cc: gdb-patches@sourceware.org
Subject: Re: [patch] [gdbserver] Fix memory corruption
Message-ID: <20110307201810.GA6188@host1.jankratochvil.net>

On Wed, 02 Mar 2011 19:00:45 +0100, Pedro Alves wrote:
> On Wednesday 02 March 2011 16:51:35, Jan Kratochvil wrote:
> > Before starting to chase off-by-one here and off-by-one there what is the
> > practical purpose of such strict packet limits?
>
> The remote protocol is designed to be implementable in tiny chips as
> well, where you typically have a static buffer for the incoming packet
> buffer.  malloc is a luxury you don't have in many of those scenarios.
> So for outgoing packets, gdb needs to be careful about that.  For
> incoming packets, gdb dynamically grows the buffer as it finds it's
> receiving larger packets.

But FSF gdbserver can receive arbitrarily large packets and allocate
everything dynamically.  It can also send arbitrarily large responses.

Thanks for the info, although for next updates, not this one.

> So I think your patch is indeed okay.
> I wouldn't mind a comment explaining the magic numbers, or replacing
> them with 'strlen ("$#NN")' like in remote.c:

Done.  Checked in.

Thanks, Jan http://sourceware.org/ml/gdb-cvs/2011-03/msg00106.html --- src/gdb/gdbserver/ChangeLog 2011/03/06 07:40:52 1.465 +++ src/gdb/gdbserver/ChangeLog 2011/03/07 20:15:12 1.466 @@ -1,3 +1,7 @@ +2011-03-07 Jan Kratochvil + + * remote-utils.c (putpkt_binary_1): Calculate BUF2 size dynamically. + 2011-03-06 Yao Qi * Makefile.in (REQUIRED_SUBDIRS): Remove $(LIBCOMMON_DIR). --- src/gdb/gdbserver/remote-utils.c 2011/01/25 10:09:19 1.84 +++ src/gdb/gdbserver/remote-utils.c 2011/03/07 20:15:12 1.85 @@ -725,7 +725,7 @@ char *p; int cc; - buf2 = xmalloc (PBUFSIZ); + buf2 = xmalloc (strlen ("$") + cnt + strlen ("#nn") + 1); /* Copy the packet into buffer BUF2, encapsulating it and giving it a checksum. */
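
Review bot: the trailing `+ 1` in the new `xmalloc` size in putpkt_binary_1 is still a bare magic number. `strlen ("$")` and `strlen ("#nn")` document the framing bytes, but nothing says what the last byte is for (presumably a terminating NUL); a one-line comment above the allocation would finish the job of explaining the constants. The visible lines also show no bound on `cnt` before it is added into the size, so please confirm that callers cannot pass a negative or near-overflow value, and that nothing later in the function writes more than `cnt` payload bytes between the `$` and the `#` (for example through escaping or run-length expansion), because BUF2 no longer has PBUFSIZ of slack to absorb that.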
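
The `$<payload>#nn` framing that the size `strlen ("$") + cnt + strlen ("#nn") + 1` accounts for, as an added example (not gdbserver's code): the checksum is the payload bytes summed modulo 256, written as two hex digits. `frame_size`, `frame_packet` and `frame_packet_alloc` are hypothetical names, the payload is assumed to be already escaped, and the caller-supplied-buffer path models the static-buffer stub mentioned in the thread.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Bytes needed for "$<payload>#nn" plus a terminating NUL. */
static size_t frame_size(size_t cnt)
{
    return strlen("$") + cnt + strlen("#nn") + 1;
}

/* Frame CNT payload bytes into OUT (OUT_LEN bytes, e.g. a static buffer).
   Returns the frame length without the NUL, or -1 if it does not fit;
   OUT is untouched in that case.  The fit test avoids size_t overflow. */
static long frame_packet(char *out, size_t out_len,
                         const char *payload, size_t cnt)
{
    static const char hex[] = "0123456789abcdef";
    unsigned char csum = 0;
    char *p = out;
    size_t i;

    if (cnt > out_len || out_len - cnt < frame_size(0))
        return -1;
    *p++ = '$';
    for (i = 0; i < cnt; i++) {
        csum += (unsigned char)payload[i];   /* sum modulo 256 */
        *p++ = payload[i];
    }
    *p++ = '#';
    *p++ = hex[csum >> 4];
    *p++ = hex[csum & 0xf];
    *p = '\0';
    return (long)(p - out);
}

/* Heap variant: allocate exactly what the frame needs, as the patch does. */
static char *frame_packet_alloc(const char *payload, size_t cnt)
{
    char *buf;

    if (cnt > (size_t)-1 - frame_size(0))
        return NULL;                         /* size would wrap */
    buf = malloc(frame_size(cnt));
    if (buf != NULL)
        frame_packet(buf, frame_size(cnt), payload, cnt);
    return buf;
}

int main(void)
{
    char *pkt = frame_packet_alloc("OK", 2); /* constructed sample payload */
    if (pkt == NULL) return 1;
    puts(pkt);
    free(pkt);
    return 0;
}
```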