Mirror of the gdb-patches mailing list
From: Simon Marchi <simon.marchi@polymtl.ca>
To: Kevin Buettner <kevinb@redhat.com>
Cc: gdb-patches@sourceware.org, Sandra Loosemore <sandra@codesourcery.com>
Subject: Re: [patch] Fix CVE-2017-9778
Date: Thu, 25 Apr 2019 03:26:00 -0000
Message-ID: <7662d84ed430765775cfb3750a155ba4@polymtl.ca>
In-Reply-To: <20190424175614.146732e1@f29-4.lan>

On 2019-04-24 20:56, Kevin Buettner wrote:
> On Wed, 24 Apr 2019 10:27:39 -0600
> Sandra Loosemore <sandra@codesourcery.com> wrote:
> 
>>     GDB was failing to catch cases where a corrupt ELF or core file
>>     contained an invalid length value in a Dwarf debug frame FDE header.
>>     It was checking for buffer overflow but not cases where the length was
>>     negative or caused pointer wrap-around.
>> 
>>     In addition to the additional validity check, this patch cleans up the
>>     multiple signed/unsigned conversions on the length field so that an
>>     unsigned representation is used consistently throughout.
>> 
>>     2019-04-24  Sandra Loosemore  <sandra@codesourcery.com>
>>     	    Kang Li <kanglictf@gmail.com>
>> 
>>     	PR gdb/21600
>> 
>>     	* dwarf2-frame.c (read_initial_length): Be consistent about using
>>     	unsigned representation of length.
>>     	(decode_frame_entry_1): Likewise.  Check for wraparound of
>>     	end pointer as well as buffer overflow.
> 
> This is okay.
> 
> Kevin

I would just suggest using a more descriptive commit title, stating what
the commit actually changes in the code.  It's still good to reference
the CVE number, but by itself it is not very descriptive.

Thanks,

Simon
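
The failure mode described in the quoted commit message (a length check that catches overflow but misses wrap-around), shown as an added example that is not part of this thread or of the GDB patch. All function names are hypothetical and the section bytes are constructed; the checked version handles both the 32-bit and 64-bit DWARF initial-length forms.

```c
#include <stdint.h>
#include <stdio.h>
/* Hypothetical names throughout; this is not GDB's dwarf2-frame.c code. */
enum { ENTRY_TRUNCATED = -1, ENTRY_BAD_LENGTH = -2 };

static uint64_t read_le(const uint8_t *p, size_t n)
{
    uint64_t v = 0;
    while (n-- > 0)
        v = (v << 8) | p[n];
    return v;
}

/* Incomplete check: the end wraps modulo 2^32 for a huge length. */
static int naive_fits(uint32_t size, uint32_t off, uint32_t len)
{
    return (uint32_t)(off + 4 + len) <= size;
}

/* Offset one past the entry at buf[off], or a negative code. */
static long entry_end(const uint8_t *buf, size_t size, size_t off)
{
    size_t hdr = 4;
    uint64_t len;
    if (off > size || size - off < 4) return ENTRY_TRUNCATED;
    len = read_le(buf + off, 4);
    if (len == 0xffffffffu) {            /* 64-bit DWARF escape */
        if (size - off < 12) return ENTRY_TRUNCATED;
        len = read_le(buf + off + 4, 8);
        hdr = 12;
    } else if (len >= 0xfffffff0u) {     /* reserved values */
        return ENTRY_BAD_LENGTH;
    }
    /* Unsigned length compared with the bytes left: nothing can wrap. */
    if (len > size - off - hdr) return ENTRY_BAD_LENGTH;
    return (long)(off + hdr + len);
}

/* Constructed 64-byte section holding one 32-bit length at off (<= 60). */
static long probe(uint32_t len, size_t off)
{
    uint8_t sec[64] = {0};
    for (int i = 0; i < 4; i++) sec[off + i] = (uint8_t)(len >> (8 * i));
    return entry_end(sec, sizeof sec, off);
}

int main(void)
{
    printf("naive=%d\n", naive_fits(64, 16, 0xffffffecu));
    printf("checked=%ld\n", probe(0xffffffecu, 16));
    return 0;
}
```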

