Date: Fri, 15 Feb 2019 01:52:00 -0000
From: Kevin Buettner
To: gdb-patches@sourceware.org
Cc: Saagar Jha
Subject: Re: [PATCH] Prevent overflow in rl_set_screen_size

On Fri, 26 Oct 2018 21:56:50 -0700
Saagar Jha wrote:

> GDB calls rl_set_screen_size in readline with the current screen size,
> measured in rows and columns. To represent "infinite" sizes, GDB passes
> in INT_MAX; however, since rl_set_screen_size internally multiplies the
> number of rows and columns, this causes a signed integer overflow. To
> prevent this we can instead pass in the approximate square root of
> INT_MAX (which is still reasonably large), so that even when the number
> of rows and columns is "infinite" we don't overflow.

This seems like a reasonable approach to me. (I couldn't think of a
better way to do it.)

> gdb/ChangeLog:
> 2018-05-22 Saagar Jha
>
> * utils.c: Reduce "infinite" rows and columns before calling
> rl_set_screen_size.

When you check this in, make sure that you adjust the date. Also,
the ChangeLog comment should include the name of the affected function.
So it'll look something like this:

    * utils.c (set_screen_size): Reduce "infinite" rows and columns
    before calling rl_set_screen_size.

The actual content of the patch looks good to me.

Thanks,

Kevin

> --- > gdb/utils.c | 6 ++++-- > 1 file changed, 4 insertions(+), 2 deletions(-) > > diff --git a/gdb/utils.c b/gdb/utils.c > index 8d4a744e71..56257c35cf 100644 > --- a/gdb/utils.c > +++ b/gdb/utils.c
> @@ -1377,11 +1377,13 @@ set_screen_size (void) > int rows = lines_per_page; > int cols = chars_per_line; > > + // Use approximately sqrt(INT_MAX) instead of INT_MAX so that we don't > + // overflow in rl_set_screen_size, which multiplies rows and columns > if (rows <= 0) > - rows = INT_MAX; > + rows = INT_MAX >> (sizeof(int) * 8 / 2); > > if (cols <= 0) > - cols = INT_MAX; > + cols = INT_MAX >> (sizeof(int) * 8 / 2); > > /* Update Readline's idea of the terminal size. */ > rl_set_screen_size (rows, cols); > -- > 2.19.1 > >
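
Review bot: In both replacement assignments, `INT_MAX >> (sizeof(int) * 8 / 2)` hard-codes 8 bits per byte and repeats the same expression for rows and cols; compute it once in a named constant and use CHAR_BIT from <limits.h> in place of 8, so the "approximately sqrt(INT_MAX)" intent is stated in one place. The two added `//` comment lines also differ from the `/* ... */` style of the existing comment in the same hunk ("/* Update Readline's idea of the terminal size. */"), and `sizeof(int)` lacks the space before the parenthesis that `rl_set_screen_size (rows, cols)` uses.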