Date: Tue, 05 Nov 2013 13:36:00 -0000
Subject: Re: [PATCH] gdb/dwarf2read.c: Sanity check DW_AT_sibling values.
From: Will Newton
To: Tom Tromey
Cc: "gdb-patches@sourceware.org", Patch Tracking
In-Reply-To: <8761s8w46p.fsf@fleche.redhat.com>
References: <52741B5A.6090800@linaro.org> <8761s8w46p.fsf@fleche.redhat.com>

On 4 November 2013 15:57, Tom Tromey wrote:
>>>>>> "Will" == Will Newton writes:
>
> Will> When reading objects with corrupt debug information it is possible that
> Will> the sibling chain can form a loop, which leads to an infinite loop and
> Will> memory exhaustion.
>
> Will> Avoid this situation by disregarding any DW_AT_sibling values that point
> Will> to a lower address than the current entry.
>
> Thanks for doing this.
>
> Will> + const gdb_byte *sibling_ptr = buffer + dwarf2_get_ref_die_offset (&attr).sect_off;
>
> This line is too long, it should be split somewhere.

Thanks, I'll fix these.

> Will> + if (sibling_ptr < info_ptr)
> Will> + complaint (&symfile_complaints,
> Will> + _("DW_AT_sibling points backwards"));
>
> I wonder whether the check should be "<=".

I'm not sure. It looks to me that info_ptr at this point will point to
the next attribute/DIE which could be a valid sibling?

--
Will Newton
Toolchain Working Group, Linaro
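
Review bot: The `sibling_ptr < info_ptr` test only bounds the DW_AT_sibling target from below; nothing in the quoted lines rejects an offset that lands past the end of the section buffer, so a corrupt value can still move the reader out of range. Consider checking the offset against the buffer size before computing `buffer + ... .sect_off` (once the offset is out of range, forming the pointer is already undefined behaviour in C) and raising a separate complaint for that case. The quoted lines also stop at `complaint ()`: since the commit message says the value is disregarded, the branch should visibly skip storing the sibling pointer rather than only warn.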
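
The failure mode from the quoted commit message (a sibling chain that loops on corrupt input) and a forward-only check, as an added example that is not part of the original message or of GDB's code; the record layout, function name and sample buffers are constructed for illustration. It compares offsets rather than pointers and also rejects targets past the end of the buffer, which goes beyond the backwards check in the patch.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Toy record layout, constructed for this example (not DWARF encoding):
   byte 0 = absolute offset of the next sibling (0 = end of chain),
   byte 1 = payload length, followed by that many payload bytes. */
enum { SIB_BACKWARDS = -1, SIB_OUT_OF_RANGE = -2 };

/* Walk the sibling chain from `start`. Returns the number of entries
   visited, or a negative SIB_* code when the chain is corrupt. */
int walk_siblings(const uint8_t *buf, size_t len, size_t start)
{
    size_t cur = start;
    int count = 0;

    for (;;) {
        /* Compare offsets, not pointers, so no out-of-range pointer is formed. */
        if (cur >= len || len - cur < 2)
            return SIB_OUT_OF_RANGE;
        size_t end = cur + 2 + buf[cur + 1];   /* first byte after this entry */
        if (end > len)
            return SIB_OUT_OF_RANGE;
        count++;

        size_t sib = buf[cur];
        if (sib == 0)
            return count;                      /* end of chain */
        if (sib < end)
            return SIB_BACKWARDS;              /* self-reference or backwards link */
        cur = sib;                             /* strictly forward, so the loop terminates */
    }
}

/* Constructed inputs: one header byte, then entries at offsets 1, 4 and 8. */
const uint8_t GOOD[]   = { 0, 4, 1, 0xAA, 8,   2, 0xBB, 0xCC, 0, 0 };
const uint8_t LOOPED[] = { 0, 4, 1, 0xAA, 1,   2, 0xBB, 0xCC, 0, 0 };
const uint8_t WILD[]   = { 0, 4, 1, 0xAA, 200, 2, 0xBB, 0xCC, 0, 0 };

int main(void)
{
    printf("good=%d looped=%d wild=%d\n",
           walk_siblings(GOOD, sizeof GOOD, 1),
           walk_siblings(LOOPED, sizeof LOOPED, 1),
           walk_siblings(WILD, sizeof WILD, 1));
    return 0;
}
```

In this toy layout a sibling offset equal to `end` is accepted, because that is the entry immediately following the current one.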