This is the mail archive of the gdb-patches@sourceware.org mailing list for the GDB project.



Re: [PATCH] Allocate buffer with proper size in amd64_pseudo_register_{read_value,write}


On Sat, 20 Oct 2018 22:59:48 -0400
Simon Marchi <simon.marchi@polymtl.ca> wrote:

> Running "maintenance selftest" on an amd64 build with AddressSanitizer
> enabled, I get this:
> 
> ==18126==ERROR: AddressSanitizer: dynamic-stack-buffer-overflow on address 0x7ffdf72397c1 at pc 0x7fb5f437b011 bp 0x7ffdf7239740 sp 0x7ffdf7238ee8
> WRITE of size 8 at 0x7ffdf72397c1 thread T0
>     #0 0x7fb5f437b010 in __interceptor_memcpy /build/gcc/src/gcc/libsanitizer/sanitizer_common/sanitizer_common_interceptors.inc:737
>     #1 0x55a1f899c1b3 in readable_regcache::raw_read(int, unsigned char*) /home/simark/src/binutils-gdb/gdb/regcache.c:530
>     #2 0x55a1f7db241b in amd64_pseudo_register_read_value /home/simark/src/binutils-gdb/gdb/amd64-tdep.c:384
>     #3 0x55a1f8413a2e in gdbarch_pseudo_register_read_value(gdbarch*, readable_regcache*, int) /home/simark/src/binutils-gdb/gdb/gdbarch.c:1992
>     #4 0x55a1f899c9d1 in readable_regcache::cooked_read(int, unsigned char*) /home/simark/src/binutils-gdb/gdb/regcache.c:636
>     #5 0x55a1f89a2251 in cooked_read_test /home/simark/src/binutils-gdb/gdb/regcache.c:1649
> 
> In amd64_pseudo_register_read_value, when we try to read the al
> register, for example, we need to read rax and extract al from it.  We
> allocate a buffer of the size of al (1 byte):
> 
>   gdb_byte *raw_buf = (gdb_byte *) alloca (register_size (gdbarch, regnum));
> 
> but read in it the whole rax value (8 bytes):
> 
>   status = regcache->raw_read (gpnum, raw_buf);
> 
> Fix it by allocating a buffer correctly sized for the full register from
> which the smaller register is extracted.  The
> amd64_pseudo_register_write function had the same problem.
> 
> gdb/ChangeLog:
> 
> 	* amd64-tdep.c (amd64_pseudo_register_read_value): Use
> 	correctly-sized buffer with raw_read.
> 	(amd64_pseudo_register_write): Use correctly-sized buffer for
> 	raw_read/raw_write.

Okay.

Kevin
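As an added illustration (not GDB's code and not part of this thread), here is a constructed model of the pattern Simon describes: overrun_bytes reports how far an allocation sized for the pseudo register falls short of what raw_read writes, and pseudo_register_read shows the patch's fix of sizing the buffer for the full raw register before extracting. Register numbers, sizes, the little-endian cache layout and the use of malloc in place of alloca are assumptions made for this example.

```c
/* Added example, not GDB code: a small model of the amd64 pseudo-register read
   from the patch. Register numbers, sizes and the cache layout are constructed. */
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

enum { RAX = 0, NUM_RAW = 1, AL = 1, AH = 2, AX = 3 };
static uint8_t raw_regs[NUM_RAW][8], out_buf[2];  /* constructed little-endian register file, scratch output */

static size_t register_size(int regnum)
{
  if (regnum < NUM_RAW) return 8;      /* 64-bit GPR */
  return regnum == AX ? 2 : 1;         /* 16-bit or 8-bit pseudo */
}

/* Byte offset of the pseudo register inside rax (ah is byte 1). */
static size_t pseudo_offset(int regnum) { return regnum == AH ? 1 : 0; }

/* Models readable_regcache::raw_read: always writes the raw register's FULL
   width into BUF, whatever the caller intends to extract afterwards. */
static int raw_read(int regnum, uint8_t *buf)
{
  memcpy(buf, raw_regs[regnum], register_size(regnum));
  return 0;
}

/* The bug: alloca (register_size (gdbarch, regnum)) sized the buffer for the
   pseudo register, yet raw_read writes all 8 bytes. Returns the overrun. */
static size_t overrun_bytes(int pseudo_regnum)
{
  size_t buggy = register_size(pseudo_regnum);
  size_t needed = register_size(RAX);
  return needed > buggy ? needed - buggy : 0;
}

/* Fixed read, as the patch does it: size the buffer for the raw register,
   read it whole, then copy out only the pseudo register's bytes. */
static int pseudo_register_read(int pseudo_regnum, uint8_t *out)
{
  uint8_t *raw_buf = malloc(register_size(RAX));  /* stands in for alloca */
  if (raw_buf == NULL) return -1;
  int status = raw_read(RAX, raw_buf);
  if (status == 0)
    memcpy(out, raw_buf + pseudo_offset(pseudo_regnum), register_size(pseudo_regnum));
  free(raw_buf);
  return status;
}

static void set_raw(int regnum, uint64_t v)
{ for (int i = 0; i < 8; i++) raw_regs[regnum][i] = (uint8_t)(v >> (8 * i)); }
```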

