Date: Thu, 25 Apr 2019 15:53:00 -0000
From: Kevin Buettner
To: gdb-patches@sourceware.org
Subject: Re: [patch] Fix CVE-2017-9778
Message-ID: <20190425085333.036ad078@f29-4.lan>
In-Reply-To: <7662d84ed430765775cfb3750a155ba4@polymtl.ca>

On Wed, 24 Apr 2019 23:25:45 -0400
Simon Marchi wrote:

> On 2019-04-24 20:56, Kevin Buettner wrote:
> > On Wed, 24 Apr 2019 10:27:39 -0600
> > Sandra Loosemore wrote:
> >
> >> GDB was failing to catch cases where a corrupt ELF or core file
> >> contained an invalid length value in a Dwarf debug frame FDE header.
> >> It was checking for buffer overflow but not cases where the length
> >> was negative or caused pointer wrap-around.
> >>
> >> In addition to the additional validity check, this patch cleans up
> >> the multiple signed/unsigned conversions on the length field so that
> >> an unsigned representation is used consistently throughout.
> >>
> >> 2019-04-24  Sandra Loosemore
> >>             Kang Li
> >>
> >> PR gdb/21600
> >>
> >> * dwarf2-frame.c (read_initial_length): Be consistent about using
> >> unsigned representation of length.
> >> (decode_frame_entry_1): Likewise.  Check for wraparound of
> >> end pointer as well as buffer overflow.
> >
> > This is okay.
> >
> > Kevin
>
> I would just suggest using a more descriptive commit title, stating what
> the commit actually changes in the code.  It's still good to reference
> the CVE number, but by itself is not very descriptive.

Yes, good point.  I'm glad that Sandra saw your suggestion prior to
pushing that commit.

Kevin
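
The class of check the quoted ChangeLog describes, as an added illustration that is not GDB's code and not part of this thread: an end-past-buffer test accepts a huge ("negative") length once the computed end wraps, while comparing the unsigned length against the bytes remaining cannot wrap. All function names and the sample bytes are hypothetical; the sketch assumes little-endian input and a DWARF-style initial length where 0xffffffff introduces a 64-bit length.

```c
#include <stddef.h>
#include <stdint.h>

/* Read an n-byte little-endian unsigned value (n = 4 or 8). */
static uint64_t read_le(const unsigned char *p, int n)
{
    uint64_t v = 0;
    for (int i = n - 1; i >= 0; i--)
        v = (v << 8) | p[i];
    return v;
}

/* Flawed check, modelled on integer addresses so the wrap is well defined:
   it only asks whether the computed end lies past the buffer end. */
static int naive_in_bounds(uint64_t start, uint64_t buf_end, uint64_t length)
{
    uint64_t end = start + length;   /* wraps for a huge ("negative") length */
    return end <= buf_end;
}

/* Hardened: parse the initial length at OFF in a SIZE-byte section and
   compare it, unsigned, against the bytes that remain.  No end pointer is
   computed from untrusted input.  Returns 1 and sets *body_len if it fits. */
static int entry_length_ok(const unsigned char *buf, size_t size, size_t off,
                           uint64_t *body_len)
{
    if (off > size || size - off < 4)
        return 0;
    uint64_t len = read_le(buf + off, 4);
    size_t hdr = 4;
    if (len == 0xffffffffu) {        /* escape value: 64-bit length follows */
        if (size - off < 12)
            return 0;
        len = read_le(buf + off + 4, 8);
        hdr = 12;
    }
    if (len > size - off - hdr)      /* unsigned compare, cannot wrap */
        return 0;
    *body_len = len;
    return 1;
}

/* Constructed sample: escape value, then length 0xfffffffffffffff0. */
static const unsigned char bad_entry[16] = {
    0xff,0xff,0xff,0xff, 0xf0,0xff,0xff,0xff,0xff,0xff,0xff,0xff, 0,0,0,0 };

int main(void)
{
    uint64_t n;   /* exit 0: naive accepts the wrapped end, hardened rejects */
    return !(naive_in_bounds(0x1000, 0x1010, read_le(bad_entry + 4, 8)) &&
             !entry_length_ok(bad_entry, sizeof bad_entry, 0, &n));
}
```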