This is the mail archive of the gdb-prs@sourceware.org mailing list for the GDB project.
[Bug gdb/23657] Out of bound memory access
- From: "tromey at sourceware dot org" <sourceware-bugzilla at sourceware dot org>
- To: gdb-prs at sourceware dot org
- Date: Mon, 17 Sep 2018 12:41:11 +0000
- Subject: [Bug gdb/23657] Out of bound memory access
- Auto-submitted: auto-generated
- References: <bug-23657-4717@http.sourceware.org/bugzilla/>
https://sourceware.org/bugzilla/show_bug.cgi?id=23657
--- Comment #3 from Tom Tromey <tromey at sourceware dot org> ---
(In reply to Nick Clifton from comment #2)
> There is also the caveat that the test "if (str_offset >= sect->size)"
> might be wrong if the .debug_str section is compressed. (I am unfamiliar
> with the gdb sources, so I do not know if sect->size is the size from the
> ELF header, or the size after decompression).
For a compressed section it comes from:
    descriptor->size = bfd_get_section_size (sectp);
Where would a section size sanity check belong in BFD?
Maybe we'd only want it for sections we actually read, so
bfd_get_full_section_contents (and then a copy in gdb since
gdb can mmap sections).
I wonder if there are other sanity checks that should be done.
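The size question raised in this thread, as an added example that is not part of the original messages and is not GDB or BFD code: a string-table lookup that checks the offset against the size of the buffer actually indexed, and cross-checks that size against the ELF compression header (ch_size) when the section is flagged SHF_COMPRESSED. The section_view type and all function names are hypothetical, and the sample section is constructed.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#define SHF_COMPRESSED 0x800u           /* ELF gABI section flag */

typedef struct {                        /* ELF64 compression header layout */
    uint32_t ch_type, ch_reserved;
    uint64_t ch_size;                   /* size after decompression */
    uint64_t ch_addralign;
} chdr64;

typedef struct {                        /* hypothetical view, not a BFD/GDB type */
    uint64_t sh_flags, sh_size;         /* sh_size: bytes stored in the file */
    const unsigned char *raw;           /* sh_size bytes as stored */
    const unsigned char *data;          /* bytes that string offsets index into */
    size_t data_size;                   /* length of data[] */
} section_view;

/* Size that offsets must be checked against; UINT64_MAX means "unusable". */
uint64_t expected_data_size(const section_view *s) {
    chdr64 h;
    if (!(s->sh_flags & SHF_COMPRESSED)) return s->sh_size;
    if (s->sh_size < sizeof h) return UINT64_MAX;   /* no room for the header */
    memcpy(&h, s->raw, sizeof h);                   /* host byte order, for brevity */
    return h.ch_size;
}

/* String at off, or NULL if off or its terminator lies outside data[]. */
const char *str_at(const section_view *s, uint64_t off) {
    if (expected_data_size(s) != s->data_size) return NULL;  /* sizes disagree */
    if (off >= s->data_size) return NULL;
    if (!memchr(s->data + off, '\0', s->data_size - (size_t)off)) return NULL;
    return (const char *)(s->data + off);
}

/* Constructed sample: 64 stored bytes standing for a 9-byte string table. */
const char *demo_lookup(uint64_t off) {
    static unsigned char raw[64];
    static const unsigned char table[9] = "main\0foo";
    chdr64 h = { 1, 0, sizeof table, 1 };   /* ch_type 1 = ELFCOMPRESS_ZLIB */
    memcpy(raw, &h, sizeof h);
    section_view s = { SHF_COMPRESSED, sizeof raw, raw, table, sizeof table };
    return str_at(&s, off);
}

int main(void) {
    const char *p = demo_lookup(5), *q = demo_lookup(40);
    return printf("%s %s\n", p ? p : "(rejected)", q ? q : "(rejected)") < 0;
}
```

Offset 40 is below the stored size (64) but past the 9 bytes that are indexed, so a check against the stored size alone would accept it.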