From: Aleksandar Ristovski <aristovski@qnx.com>
To: gdb-patches@sourceware.org
Cc: gdb-patches@sourceware.org
Subject: Re: [patch] validate binary before use
Date: Thu, 04 Apr 2013 18:11:00 -0000 [thread overview]
Message-ID: <515D7A09.5010305@qnx.com> (raw)
Message-ID: <20130404181100.TsPmmGXF5QblsUQ3hS6F2nD0Pd7PDMiLniGvdI6z1_s@z> (raw)
In-Reply-To: <20130404081302.GA4099@host2.jankratochvil.net>
On 13-04-04 04:13 AM, Jan Kratochvil wrote:
> On Thu, 04 Apr 2013 04:03:43 +0200, Aleksandar Ristovski wrote:
>> Actually, as I think about this more, we can not use section from
>> possibly unrelated bfd to read build-id in native debugging case. At
>> a minimum, we can not store such build-id as abfd may not even
>> relate to what's in target's memory.
>
> Why?
>
> If the target shared library does not match then GDB will read some random
> memory. The target shared library may not even have any build-id.
>
> As the build-id has 160 bits there is 1:2^160 probability of a false positive,
> that is safe enough.
The problem is, we could 'remember' build-id that is garbage. I will add
checking for GNU\0 and note type, and then the likelihood that somewhat
random memory will match namesz, name and type will be very low (though
the likelihood has nothing to do with the 160 bits of build-id; build-id
is not necessarily 160 bits either).
The rest of the e-mail applies:
>
>
>> The chunk of code that is in svr4_relocate_section_addresses in the
> you probably mean solib_map_sections
>
>> latest version of the patch needs to go back to svr4_validate, and
>> not store build-id.
>
>
> I do not understand this whole mail, it would be best to provide a countercase
> where the current patchset does not behave correctly.
The above should explain why is current patchset incorrect (in
particular patch #7).
The rest is about design and duplicated functionality. The functionality
of gdbserver where it fetches the list is exactly the same what -nat can
do; in fact this could be the same code; and then solib-svr4.c deals
only with TARGET_OBJECT_LIBRARIES_SVR4. The infrastructure is in place.
Impact on solib-svr4.c: svr4_validate would be exactly as it is now,
simply check. svr4_relocate_section_addresses would not need the kludge
for reading build-id, there would be only one path of getting build-id.
Not to be neglected is that by doing so, it would be possible to look
for the debug binary directly, by using build-id instead of opening
objfile and then looking for separate_debug_fie.
---
Aleksandar
next prev parent reply other threads:[~2013-04-04 13:03 UTC|newest]
Thread overview: 47+ messages / expand[flat|nested] mbox.gz Atom feed top
2012-12-21 20:21 Aleksandar Ristovski
2012-12-24 19:57 ` Aleksandar Ristovski
2012-12-25 7:37 ` Jan Kratochvil
2012-12-27 20:07 ` Aleksandar Ristovski
2012-12-27 20:59 ` Jan Kratochvil
2012-12-27 21:03 ` Aleksandar Ristovski
2012-12-27 21:13 ` Jan Kratochvil
2012-12-27 21:21 ` Aleksandar Ristovski
2013-01-29 16:15 ` Aleksandar Ristovski
2013-01-30 19:17 ` Jan Kratochvil
2013-01-31 14:23 ` Aleksandar Ristovski
2013-02-01 3:06 ` Jan Kratochvil
2013-02-01 14:31 ` Aleksandar Ristovski
2013-02-01 20:43 ` Jan Kratochvil
2013-02-01 21:32 ` Aleksandar Ristovski
2013-02-02 12:25 ` Jan Kratochvil
2013-02-21 21:00 ` Aleksandar Ristovski
2013-02-21 21:07 ` Jan Kratochvil
2013-01-31 6:35 ` Jan Kratochvil
2013-01-31 14:24 ` Aleksandar Ristovski
2013-02-22 15:09 ` Aleksandar Ristovski
2013-02-27 17:42 ` Aleksandar Ristovski
2013-02-27 18:14 ` Aleksandar Ristovski
2013-03-22 16:58 ` Aleksandar Ristovski
2013-03-22 14:45 ` Aleksandar Ristovski
2013-03-28 20:56 ` Jan Kratochvil
2013-04-02 17:25 ` Aleksandar Ristovski
2013-04-02 17:32 ` Aleksandar Ristovski
2013-04-02 17:45 ` Jan Kratochvil
2013-04-02 18:02 ` Aleksandar Ristovski
2013-04-03 18:52 ` Jan Kratochvil
2013-04-04 11:07 ` Aleksandar Ristovski
2013-04-04 13:30 ` Jan Kratochvil
2013-04-04 17:15 ` Aleksandar Ristovski [this message]
2013-04-04 18:11 ` Aleksandar Ristovski
2013-04-05 13:03 ` Jan Kratochvil
2013-04-05 16:08 ` Aleksandar Ristovski
2013-04-07 6:06 ` Jan Kratochvil
2013-04-08 18:54 ` Pedro Alves
2013-04-09 1:15 ` Jan Kratochvil
2013-04-05 15:05 ` Aleksandar Ristovski
2013-04-07 10:24 ` Aleksandar Ristovski
2013-04-08 18:32 ` Jan Kratochvil
2013-04-07 5:54 ` Jan Kratochvil
2013-04-04 3:16 ` Jan Kratochvil
2012-12-26 19:24 ` Poenitz Andre
2012-12-27 20:10 ` Aleksandar Ristovski
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=515D7A09.5010305@qnx.com \
--to=aristovski@qnx.com \
--cc=gdb-patches@sourceware.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox