Subject: Re: [RFC 8.3 3/3] Avoid a crash in source_cache::extract_lines
To: Tom Tromey, gdb-patches@sourceware.org
From: Pedro Alves
Date: Wed, 13 Mar 2019 17:07:00 -0000

On 03/08/2019 09:04 PM, Tom Tromey wrote:
> If the first requested line is larger than the number of lines in the
> source buffer, source_cache::extract_lines could crash, because it
> would try to pass string::npos" to string::substr.
>
> This patch avoids the crash by checking for this case.

Can you clarify how can first_pos end up as npos? Is that a bug in
the caller, or is it normal? The documentation doesn't seem to allow
for that:

  /* Get the source text for the source file in symtab S. FIRST_LINE
     and LAST_LINE are the first and last lines to return; line
     numbers are 1-based. If the file cannot be read, false is
     returned. Otherwise, LINES_OUT is set to the desired text. The
     returned text may include ANSI terminal escapes. */

>
> gdb/ChangeLog
> 2019-03-08 Tom Tromey
>
> * source-cache.c (source_cache::extract_lines): Handle case where
> first_pos==npos.
> ---
> gdb/ChangeLog | 5 +++++
> gdb/source-cache.c | 2 ++
> 2 files changed, 7 insertions(+)
>
> diff --git a/gdb/source-cache.c b/gdb/source-cache.c
> index 27a0ade959c..b5d0d6cb7fc 100644
> --- a/gdb/source-cache.c
> +++ b/gdb/source-cache.c
> @@ -98,6 +98,8 @@ source_cache::extract_lines (const struct source_text &text, int first_line,
> {
> if (pos == std::string::npos)
> pos = text.contents.size ();
> + if (first_pos == std::string::npos)
> + first_pos = text.contents.size ();
> *lines = text.contents.substr (first_pos, pos - first_pos);
> return true;
> }
>

Thanks,
Pedro Alves
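
Review bot: the added first_pos == std::string::npos check in source_cache::extract_lines turns a request that starts past the end of the buffer into a successful call, because first_pos is clamped to text.contents.size (), substr then yields an empty string, and the function still reaches return true. The caller cannot tell an out-of-range FIRST_LINE from a genuinely empty range, and the function comment quoted in this reply only documents the "file cannot be read" failure. Consider returning false when first_pos is still npos at this point, or, if an empty result is the intended behaviour, say so in that comment and add a short comment on the two new lines stating when first_pos can remain npos.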