From: Mark Wielaard <mjw@redhat.com>
Date: Tue, 20 Oct 2009 15:08:57 +0000 (+0200)
Subject: Limit the number of call frame instructions we process in the unwinder.
X-Git-Tag: release-1.0.9~83^2~25^2
X-Git-Url: https://sourceware.org/git/?a=commitdiff_plain;h=bc0b26aa958253192328bc4084ba367536fb4842;p=systemtap.git

Limit the number of call frame instructions we process in the unwinder.

* runtime/unwind.c (processCFI): Fail if the number of instructions is
  larger than MAX_CFI (currently 512).
---

diff --git a/runtime/unwind.c b/runtime/unwind.c
index 0e95ba08c..7607770e3 100644
--- a/runtime/unwind.c
+++ b/runtime/unwind.c
@@ -278,6 +278,10 @@ static void set_rule(uleb128_t reg, enum item_location where, uleb128_t value, s
 	}
 }
 
+/* Limit the number of instructions we process. Arbitrary limit.
+   512 should be enough for anybody... */
+#define MAX_CFI 512
+
 static int processCFI(const u8 *start, const u8 *end, unsigned long targetLoc, signed ptrType, struct unwind_state *state)
 {
 	union {
@@ -287,6 +291,9 @@ static int processCFI(const u8 *start, const u8 *end, unsigned long targetLoc, s
 	} ptr;
 	int result = 1;
 
+	if (end - start > MAX_CFI)
+	  return 0;
+
 	dbug_unwind(1, "targetLoc=%lx state->loc=%lx\n", targetLoc, state->loc);
 	if (start != state->cieStart) {
 		state->loc = state->org;