From: Tom Tromey
To: Will Newton
Cc: gdb-patches@sourceware.org, Patch Tracking
Subject: Re: [PATCH] gdb/dwarf2read.c: Sanity check DW_AT_sibling values.
Date: Mon, 04 Nov 2013 15:57:00 -0000
In-Reply-To: <52741B5A.6090800@linaro.org> (Will Newton's message of "Fri, 01 Nov 2013 14:21:30 -0700")
Message-ID: <8761s8w46p.fsf@fleche.redhat.com>

>>>>> "Will" == Will Newton writes:

Will> When reading objects with corrupt debug information it is possible that
Will> the sibling chain can form a loop, which leads to an infinite loop and
Will> memory exhaustion.

Will> Avoid this situation by disregarding any DW_AT_sibling values that point
Will> to a lower address than the current entry.

Thanks for doing this.

Will> + const gdb_byte *sibling_ptr = buffer + dwarf2_get_ref_die_offset (&attr).sect_off;

This line is too long, it should be split somewhere.

Will> + if (sibling_ptr < info_ptr)
Will> + complaint (&symfile_complaints,
Will> + _("DW_AT_sibling points backwards"));

I wonder whether the check should be "<=".

Will> + const gdb_byte *sibling_ptr = buffer + dwarf2_get_ref_die_offset (&attr).sect_off;

Also too long.

Tom
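
Review bot: The check on `sibling_ptr` in the quoted hunk bounds it only from below (`sibling_ptr < info_ptr`); nothing in the visible lines rejects a DW_AT_sibling value from corrupt debug information that lands past the end of the section buffer. Consider adding an upper-bound test against the end of the buffer next to the backwards check, with its own complaint, so that a corrupt offset is not followed in either direction.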
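
The forward-only rule from the quoted commit message, shown on a toy record format as an added example (not GDB's code and not part of this thread): the two-byte entry layout, `checked_sibling`, `count_siblings` and the sample arrays are assumptions constructed here. It goes slightly beyond the patch by also rejecting a sibling equal to the current entry and one that points past the end of the section.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Toy layout (assumed for this example, not DWARF): byte 0 = tag,
   byte 1 = section offset of the next sibling, 0 = end of chain.  */
#define ENTRY_SIZE 2

/* Return the next sibling offset, 0 at end of chain, -1 if untrusted.  */
static long
checked_sibling (const uint8_t *buf, size_t len, size_t cur)
{
  if (cur > len || len - cur < ENTRY_SIZE)
    return -1;                  /* current entry is truncated */
  size_t sib = buf[cur + 1];
  if (sib == 0)
    return 0;
  if (sib <= cur)
    return -1;                  /* backwards or self-reference: would loop */
  if (sib > len || len - sib < ENTRY_SIZE)
    return -1;                  /* points past the end of the section */
  return (long) sib;
}

/* Count entries on the chain from START, or return -1 on a bad link.
   Accepted offsets strictly increase, so the walk always terminates.  */
long
count_siblings (const uint8_t *buf, size_t len, size_t start)
{
  long n = 0;
  for (size_t cur = start;;)
    {
      long next = checked_sibling (buf, len, cur);
      if (next < 0)
        return -1;
      n++;
      if (next == 0)
        return n;
      cur = (size_t) next;
    }
}

/* Constructed sample sections.  */
const uint8_t good_chain[] = { 1, 2, 1, 4, 1, 0 };  /* 0 -> 2 -> 4 -> end */
const uint8_t loop_chain[] = { 1, 2, 1, 4, 1, 2 };  /* 4 -> 2: backwards */
const uint8_t self_chain[] = { 1, 2, 1, 2 };        /* 2 -> 2: self */
const uint8_t far_chain[] = { 1, 9 };               /* 9 is out of bounds */

int main (void)
{ printf ("%ld\n", count_siblings (good_chain, sizeof good_chain, 0)); return 0; }
```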