This is the mail archive of the gdb@sources.redhat.com mailing list for the GDB project.
RE: Is it possible to overflow baton->size in dwarf_mark_symbols_computed() in dwarf2read.c?
- From: "Cuthbertson, Reva D." <reva_cuthbertson at hp dot com>
- To: "Daniel Jacobowitz" <drow at false dot org>
- Cc: <gdb at sources dot redhat dot com>
- Date: Fri, 13 May 2005 08:37:41 -0700
- Subject: RE: Is it possible to overflow baton->size in dwarf_mark_symbols_computed() in dwarf2read.c?
Yes, I ran into the problem. I tried changing the declaration of the
"size" field in dwarf2_loclist_baton and dwarf2_locexpr_baton in
dwarf2loc.h to be an unsigned integer instead and that seemed to fix the
problem I encountered. Do you think this is a reasonable solution?
Thanks!
Reva Cuthbertson
reva.cuthbertson@hp.com
-----Original Message-----
From: Daniel Jacobowitz [mailto:drow@false.org]
Sent: Friday, May 13, 2005 8:26 AM
To: Cuthbertson, Reva D.
Cc: gdb@sources.redhat.com
Subject: Re: Is it possible to overflow baton->size in dwarf_mark_symbols_computed() in dwarf2read.c?
On Fri, May 13, 2005 at 08:18:47AM -0700, Cuthbertson, Reva D. wrote:
> Hello,
>
> I had a question regarding the following assignment in
> dwarf2_mark_symbol_computed() in dwarf2read.c:
>
> baton->size = dwarf2_per_objfile->loc_size - DW_UNSND (attr);
>
> The field "loc_size" in dwarf2_per_objfile is declared to be an unsigned
> integer and attr.u.unsnd (expansion of DW_UNSND (attr)) is declared to
> be an unsigned long but the "size" field in dwarf2_loclist_baton and
> dwarf2_locexpr_baton defined in dwarf2loc.h is defined to be an unsigned
> short. Is it possible to overflow baton->size with the above
> calculation?
Yes, this seems possible. Size is used for overflow checking only at
this point; saturating at USHORT_MAX seems reasonable.
Have you encountered this problem?
--
Daniel Jacobowitz
CodeSourcery, LLC
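The narrowing the thread is about, worked through as an added example (this is illustrative code written for this page, not GDB's dwarf2read.c or dwarf2loc.c). The struct and function names are stand-ins for the fields discussed: `loc_size` is an `unsigned int`, the attribute offset is an `unsigned long`, and the baton's `size` is an `unsigned short`. The three functions contrast the original implicit narrowing, the saturating assignment Daniel suggests, and the widened field Reva tried; the fourth adds the check a reviewer would also want, since an offset past the end of the section makes the unsigned subtraction wrap before any narrowing happens.

```c
#include <limits.h>
#include <stdio.h>

/* Hypothetical stand-ins for the fields named in the thread. */
struct baton_short { unsigned short size; };  /* as in the thread's dwarf2loc.h */
struct baton_wide  { unsigned int   size; };  /* Reva's proposed widening      */

/* Original behaviour: unsigned int - unsigned long yields an unsigned long,
   which is then implicitly narrowed to unsigned short, i.e. reduced modulo
   USHRT_MAX + 1. Nothing warns at runtime. */
unsigned short size_truncating(unsigned int loc_size, unsigned long offset)
{
    struct baton_short baton;
    baton.size = (unsigned short)(loc_size - offset);  /* the narrowing the thread asks about */
    return baton.size;
}

/* Daniel's suggestion: clamp at the largest value the field can hold
   (the C limit macro is USHRT_MAX). */
unsigned short size_saturating(unsigned int loc_size, unsigned long offset)
{
    unsigned long remaining = loc_size - offset;
    struct baton_short baton;
    baton.size = remaining > USHRT_MAX ? USHRT_MAX : (unsigned short)remaining;
    return baton.size;
}

/* Reva's suggestion: widen the field so the difference fits as-is. */
unsigned int size_widened(unsigned int loc_size, unsigned long offset)
{
    struct baton_wide baton;
    baton.size = (unsigned int)(loc_size - offset);
    return baton.size;
}

/* Assumed extra check (not from the thread): before subtracting, make sure
   the offset lies inside the section. Otherwise the unsigned subtraction
   wraps to a huge value and every variant above misreports the size. */
int offset_in_section(unsigned int loc_size, unsigned long offset)
{
    return offset <= loc_size;
}

int main(void)
{
    /* Constructed sample: a 70000-byte .debug_loc section, location list at offset 0. */
    unsigned int  loc_size = 70000;
    unsigned long offset   = 0;

    printf("truncating: %u\n", size_truncating(loc_size, offset));  /* 4464  */
    printf("saturating: %u\n", size_saturating(loc_size, offset));  /* 65535 */
    printf("widened:    %u\n", size_widened(loc_size, offset));     /* 70000 */
    printf("offset ok:  %d\n", offset_in_section(loc_size, 70001)); /* 0     */
    return 0;
}
```

With a section larger than 65535 bytes the truncating version reports 4464 for a 70000-byte remainder, so any bounds check built on `size` is working with the wrong number; saturation keeps the check conservative, and widening removes the narrowing entirely.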