From bc0b26aa958253192328bc4084ba367536fb4842 Mon Sep 17 00:00:00 2001
From: Mark Wielaard
Date: Tue, 20 Oct 2009 17:08:57 +0200
Subject: [PATCH] Limit the number of call frame instructions we process in the unwinder.
* runtime/unwind.c (processCFI): Fail if the number of instructions is larger than MAX_CFI (currently 512).
---
 runtime/unwind.c | 7 +++++++
 1 file changed, 7 insertions(+)
diff --git a/runtime/unwind.c b/runtime/unwind.c
index 0e95ba08c..7607770e3 100644
--- a/runtime/unwind.c
+++ b/runtime/unwind.c
@@ -278,6 +278,10 @@ static void set_rule(uleb128_t reg, enum item_location where, uleb128_t value, s
 }
 }
+/* Limit the number of instructions we process. Arbitrary limit.
+ 512 should be enough for anybody... */
+#define MAX_CFI 512
+
 static int processCFI(const u8 *start, const u8 *end, unsigned long targetLoc, signed ptrType, struct unwind_state *state)
 {
 union {
@@ -287,6 +291,9 @@ static int processCFI(const u8 *start, const u8 *end, unsigned long targetLoc, s
 } ptr;
 int result = 1;
+ if (end - start > MAX_CFI)
+ return 0;
+
 dbug_unwind(1, "targetLoc=%lx state->loc=%lx\n", targetLoc, state->loc);
 if (start != state->cieStart) {
 state->loc = state->org;
-- 
2.43.5
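Review bot: The new guard `if (end - start > MAX_CFI)` bounds the byte length of the CFI program, not the number of instructions as the subject line, the ChangeLog entry and the MAX_CFI comment all say; because every call-frame instruction occupies at least one byte this is still a valid upper bound on the instruction count, but the comment on the define should state the real unit, e.g. `/* Upper bound on the size in bytes of a CFI program we will interpret (and so on its instruction count). Arbitrary; 512 should be enough for anybody... */`. If `start` and `end` are derived from section data the unwinder does not fully trust, a negative difference slips through this comparison; unless the caller is known to reject that, `if (end < start || end - start > MAX_CFI) return 0;` closes the gap at no cost. A `dbug_unwind(1, ...)` call on the rejection path, mirroring the one that immediately follows, would make a silently refused unwind diagnosable in the field. processCFI's body continues beyond the end of the second hunk.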