This is the mail archive of the
gdb-patches@sourceware.org
mailing list for the GDB project.
[FYI 1/2] Fix use-after-free in number_or_range_parser
- From: Tom Tromey <tom at tromey dot com>
- To: gdb-patches at sourceware dot org
- Cc: Tom Tromey <tom at tromey dot com>
- Date: Fri, 17 Aug 2018 17:12:49 -0600
- Subject: [FYI 1/2] Fix use-after-free in number_or_range_parser
- References: <20180817231250.3228-1-tom@tromey.com>
-fsanitize=address showed a use-after-free in number_or_range_parser.
The cause was that handle_line_of_input could stash the input into
"saved_command_line", and then this could be freed by reentrant calls.
This fixes the bug by preventing commands that are read by "commands"
from being eligible for repeating.
gdb/ChangeLog
2018-08-17 Tom Tromey <tom@tromey.com>
* cli/cli-script.c (read_next_line): Pass 0 as repeat argument to
command_line_input.
---
gdb/ChangeLog | 5 +++++
gdb/cli/cli-script.c | 2 +-
2 files changed, 6 insertions(+), 1 deletion(-)
diff --git a/gdb/cli/cli-script.c b/gdb/cli/cli-script.c
index 6f31a40019..d03b3bcf60 100644
--- a/gdb/cli/cli-script.c
+++ b/gdb/cli/cli-script.c
@@ -903,7 +903,7 @@ read_next_line (void)
else
prompt_ptr = NULL;
- return command_line_input (prompt_ptr, from_tty, "commands");
+ return command_line_input (prompt_ptr, 0, "commands");
}
/* Return true if CMD's name is NAME. */
--
2.13.6