Date: Tue, 19 Aug 2014 06:54:00 -0000
From: Joel Brobecker
To: Jan Kratochvil
Cc: gdb-patches@sourceware.org
Subject: Re: [patch] Fix -fsanitize=address on unreadable inferior strings
Message-ID: <20140819065422.GE1773@adacore.com>
References: <20140818192747.GA23790@host2.jankratochvil.net>
In-Reply-To: <20140818192747.GA23790@host2.jankratochvil.net>

> gdb/
> 2014-08-18 Jan Kratochvil
>
> Fix -fsanitize=address on unreadable inferior strings.
> * valprint.c (val_print_string): Fix access before BUFFER.

LGTM. I actually don't see why this wouldn't be a possible bug. Couldn't LEN be 0, in which case BYTES_READ would be zero, making WIDTH > BYTES_READ?

>
> diff --git a/gdb/valprint.c b/gdb/valprint.c
> index d3ab267..a87d67c 100644
> --- a/gdb/valprint.c
> +++ b/gdb/valprint.c
> @@ -2510,8 +2510,10 @@ val_print_string (struct type *elttype, const char *encoding,
> LEN is -1. */
>
> /* Determine found_nul by looking at the last character read. */
> - found_nul = extract_unsigned_integer (buffer + bytes_read - width, width,
> - byte_order) == 0;
> + found_nul = 0;
> + if (bytes_read >= width)
> + found_nul = extract_unsigned_integer (buffer + bytes_read - width, width,
> + byte_order) == 0;
> if (len == -1 && !found_nul)
> {
> gdb_byte *peekbuf;

-- 
Joel
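Review bot: the new guard `if (bytes_read >= width)` stops the read at `buffer + bytes_read - width` from landing before BUFFER when nothing was read, but the hunk leaves `found_nul = 0;` uncommented, and that default feeds straight into the `if (len == -1 && !found_nul)` test that follows, so an unreadable string now takes the same peek path as a string whose last character was simply non-NUL; a one-line comment above `found_nul = 0;` stating that a read shorter than one character is deliberately treated as "no NUL seen" would make that intent explicit. The existing comment also says found_nul comes from "the last character read": if bytes_read can be positive but not a multiple of width (a partial trailing character), the subtraction examines a misaligned offset, so it is worth confirming in the read path above this hunk that bytes_read is always character-aligned, or tightening the guard to reflect that.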