Date: Wed, 04 Jul 2012 10:34:00 -0000
From: Siddhesh Poyarekar
To: gdb-patches@sourceware.org
Subject: [PATCH] Replace unsafe alloca for baseclass type
Message-ID: <20120704160423.1e7107a7@spoyarek>
X-SW-Source: 2012-07/txt/msg00055.txt.bz2

Hi,

While working on a review for the bitpos patch[1], I found an unsafe alloca in cp-valprint, which could result in a crash since the baseclass size could get very large. Here's a patch based on Jan's suggestion to fix this. I have tested to verify that this does not introduce any regressions in the testsuite on x86_64.

Regards,
Siddhesh

[1] http://sourceware.org/ml/gdb-patches/2012-06/msg00851.html

gdb/ChangeLog:

2012-07-04  Siddhesh Poyarekar
	    Jan Kratochvil

	* cp-valprint.c (cp_print_value): Replace potentially unsafe
	alloca with xmalloc/xfree.

Attachment: gdb-alloca.patch

diff --git a/gdb/cp-valprint.c b/gdb/cp-valprint.c index 2e3beea..c066aa5 100644 --- a/gdb/cp-valprint.c +++ b/gdb/cp-valprint.c @@ -554,9 +554,11 @@ cp_print_value (struct type *type, struct type *real_type, if ((boffset + offset) < 0 || (boffset + offset) >= TYPE_LENGTH (real_type)) { - /* FIXME (alloca): unsafe if baseclass is really - really large. */ - gdb_byte *buf = alloca (TYPE_LENGTH (baseclass)); + gdb_byte *buf; + struct cleanup *back_to; + + buf = xmalloc (TYPE_LENGTH (baseclass)); + back_to = make_cleanup (xfree, buf); if (target_read_memory (address + boffset, buf, TYPE_LENGTH (baseclass)) != 0)
@@ -568,6 +570,7 @@ cp_print_value (struct type *type, struct type *real_type, boffset = 0; thistype = baseclass; base_valaddr = value_contents_for_printing_const (base_val); + do_cleanups (back_to); } else {
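Review bot: in the first hunk (@@ -554,9 +554,11 @@) TYPE_LENGTH (baseclass) is still handed to xmalloc unchecked, so a corrupt or hostile length in the debug info now turns into an oversized heap request instead of a stack overrun. The enclosing condition already validates boffset + offset against TYPE_LENGTH (real_type); consider rejecting a baseclass length that cannot fit inside real_type at the same point, before any allocation, and say in the ChangeLog that a failed xmalloc (reported through GDB's allocation-failure handling) is the intended replacement for the crash the FIXME warned about. Passing the same TYPE_LENGTH (baseclass) to both xmalloc and target_read_memory keeps the two lengths consistent, which is good.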
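Review bot: in the second hunk (@@ -568,6 +570,7 @@) do_cleanups (back_to) frees buf right after base_valaddr is taken from base_val, so the change relies on base_val owning its own copy of the bytes rather than pointing into buf; how base_val is built is not visible in the hunk, so a one-line comment above the call, e.g. `/* base_val holds its own copy of the bytes; buf is no longer needed.  */`, would save the next reader from re-deriving that. Also worth confirming that the failure branch of the target_read_memory check in the first hunk falls through to this do_cleanups rather than leaving the block early; if it does leave early, the buffer is released only by an outer cleanup chain.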
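The pattern the mail describes (a stack buffer whose size comes from debug info) next to the heap-based replacement the patch adopts, as an added C example that is not part of the patch or of GDB. `target_mem`, `fake_target_read_memory`, `checksum_with_alloca`, `copy_baseclass`, `baseclass_checksum` and `MAX_BASECLASS_LEN` are all constructed for this example; the 64-byte sample memory is made up, and `fake_target_read_memory` only mimics the 0/non-zero return convention of GDB's `target_read_memory`.

```c
#include <alloca.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Constructed stand-in for the debuggee's memory: 64 bytes holding the
   pattern 0,1,2,...,63.  fake_target_read_memory is a hypothetical helper
   for this example, not GDB's target_read_memory; like GDB's it returns
   0 on success and non-zero when the read fails. */
#define TARGET_MEM_SIZE 64
static uint8_t target_mem[TARGET_MEM_SIZE];

static void setup_target_mem(void)
{
    for (size_t i = 0; i < TARGET_MEM_SIZE; i++)
        target_mem[i] = (uint8_t) i;
}

static int fake_target_read_memory(uint64_t addr, uint8_t *buf, size_t len)
{
    if (addr > TARGET_MEM_SIZE || len > TARGET_MEM_SIZE - addr)
        return 1;                           /* read outside the sample memory */
    memcpy(buf, target_mem + addr, len);
    return 0;
}

/* The pattern the patch removes: the length comes straight from the type
   and is carved out of the stack.  Fine for small lengths; a huge length
   moves the stack pointer past the guard page and the process crashes.
   Kept here only as the "before" for contrast. */
static long checksum_with_alloca(uint64_t addr, size_t len)
{
    setup_target_mem();
    uint8_t *buf = alloca(len);
    if (fake_target_read_memory(addr, buf, len) != 0)
        return -1;
    long sum = 0;
    for (size_t i = 0; i < len; i++)
        sum += buf[i];
    return sum;
}

/* Cap on one base-class image.  The value is a choice made for this
   example; the point is that some explicit bound exists. */
#define MAX_BASECLASS_LEN (1u << 20)

/* Hardened form: the length is treated as untrusted (it came from debug
   info), checked against a bound, and the buffer lives on the heap so a
   bad value cannot overrun the stack.  Every exit path releases the
   buffer, which is what the patch's make_cleanup/do_cleanups pair does
   in GDB.  Returns the buffer (caller frees) or NULL on failure. */
static uint8_t *copy_baseclass(uint64_t address, uint64_t boffset,
                               size_t len, size_t *out_len)
{
    if (len == 0 || len > MAX_BASECLASS_LEN)
        return NULL;                        /* refuse absurd lengths outright */
    if (boffset > UINT64_MAX - address)
        return NULL;                        /* address + boffset would wrap */
    uint8_t *buf = malloc(len);
    if (buf == NULL)
        return NULL;
    if (fake_target_read_memory(address + boffset, buf, len) != 0) {
        free(buf);                          /* error path frees too */
        return NULL;
    }
    *out_len = len;
    return buf;
}

/* Sum of the copied bytes, or -1 when the copy was refused.  One return
   value lets both the success and the failure path be checked. */
long baseclass_checksum(uint64_t address, uint64_t boffset, size_t len)
{
    setup_target_mem();
    size_t got = 0;
    uint8_t *buf = copy_baseclass(address, boffset, len, &got);
    if (buf == NULL)
        return -1;
    long sum = 0;
    for (size_t i = 0; i < got; i++)
        sum += buf[i];
    free(buf);
    return sum;
}

int main(void)
{
    printf("alloca, small length: %ld\n", checksum_with_alloca(8, 4));
    printf("heap, small length:   %ld\n", baseclass_checksum(0, 8, 4));
    printf("heap, absurd length:  %ld\n", baseclass_checksum(0, 0, SIZE_MAX));
    printf("heap, read past end:  %ld\n", baseclass_checksum(60, 0, 8));
    return 0;
}
```

The two helpers behave identically for small, valid lengths; the difference shows only when the length is hostile. `checksum_with_alloca` is never called with a large value here because it would take the process down, which is exactly the failure the patch removes, while `copy_baseclass` turns the same input into a clean NULL return.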