This is the mail archive of the gdb-patches@sourceware.org mailing list for the GDB project.
[PATCH 5/8] Fix latent bug in msp430-tdep.c
- From: Tom Tromey <tom at tromey dot com>
- To: gdb-patches at sourceware dot org
- Cc: Tom Tromey <tom at tromey dot com>
- Date: Sat, 22 Sep 2018 22:08:11 -0600
- Subject: [PATCH 5/8] Fix latent bug in msp430-tdep.c
- References: <20180923040814.27941-1-tom@tromey.com>
-Wshadow=local found this latent bug. msp430-tdep.c does:
    const gdb_byte *arg_bits;
    {
      /* Aggregates of any size are passed by reference. */
      gdb_byte struct_addr[4];
    [...
      arg_bits = struct_addr;
    }
    ... use arg_bits
Here, arg_bits can point to an object that's gone out of scope.
The fix is to hoist the inner "struct_addr" buffer to an outer scope,
and rename it to avoid shadowing.
gdb/ChangeLog
2018-09-22 Tom Tromey <tom@tromey.com>
* msp430-tdep.c (msp430_push_dummy_call): Rename inner
"structs_addr" and hoist declaration.
---
gdb/ChangeLog | 5 +++++
gdb/msp430-tdep.c | 7 +++----
2 files changed, 8 insertions(+), 4 deletions(-)
diff --git a/gdb/msp430-tdep.c b/gdb/msp430-tdep.c
index b6e062a380..427f58c0ed 100644
--- a/gdb/msp430-tdep.c
+++ b/gdb/msp430-tdep.c
@@ -715,6 +715,7 @@ msp430_push_dummy_call (struct gdbarch *gdbarch, struct value *function,
ULONGEST arg_size = TYPE_LENGTH (arg_type);
int offset;
int current_arg_on_stack;
+ gdb_byte struct_addr_buf[4];
current_arg_on_stack = 0;
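Review bot: The new "gdb_byte struct_addr_buf[4];" declaration carries no comment explaining why it sits at this scope rather than inside the aggregate branch that fills it. Since arg_bits is assigned to point at this buffer and, per the commit message, is used after that inner block closes, a one-line comment such as "Must outlive the aggregate block below; arg_bits may point here" would keep a later cleanup from moving the declaration back into the inner block and reintroducing the dangling pointer.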
@@ -722,11 +723,9 @@ msp430_push_dummy_call (struct gdbarch *gdbarch, struct value *function,
|| TYPE_CODE (arg_type) == TYPE_CODE_UNION)
{
/* Aggregates of any size are passed by reference. */
- gdb_byte struct_addr[4];
-
- store_unsigned_integer (struct_addr, 4, byte_order,
+ store_unsigned_integer (struct_addr_buf, 4, byte_order,
value_address (arg));
- arg_bits = struct_addr;
+ arg_bits = struct_addr_buf;
arg_size = (code_model == MSP_LARGE_CODE_MODEL) ? 4 : 2;
}
else
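Review bot: The length argument in the store_unsigned_integer call is still the literal 4, which now has to stay in step with the size in the "struct_addr_buf[4]" declaration added in the previous hunk. Writing "sizeof (struct_addr_buf)" for that argument would tie the two together, so a later change to the buffer size cannot turn this store into an out-of-bounds write. Separately, the ChangeLog entry calls the renamed variable "structs_addr", while the removed line declares "struct_addr".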
--
2.17.1