This is the mail archive of the gdb-patches@sourceware.org mailing list for the GDB project.
Re: [patch] Fix -fsanitize=address on unreadable inferior strings
- From: Joel Brobecker <brobecker at adacore dot com>
- To: Jan Kratochvil <jan dot kratochvil at redhat dot com>
- Cc: gdb-patches at sourceware dot org
- Date: Tue, 19 Aug 2014 08:54:22 +0200
- Subject: Re: [patch] Fix -fsanitize=address on unreadable inferior strings
- Authentication-results: sourceware.org; auth=none
- References: <20140818192747 dot GA23790 at host2 dot jankratochvil dot net>
> gdb/
> 2014-08-18 Jan Kratochvil <jan.kratochvil@redhat.com>
>
> Fix -fsanitize=address on unreadable inferior strings.
> * valprint.c (val_print_string): Fix access before BUFFER.
LGTM. I actually don't see why this wouldn't be a possible bug.
Couldn't LEN be 0, in which case BYTES_READ would be zero, making
WIDTH > BYTES_READ?
>
> diff --git a/gdb/valprint.c b/gdb/valprint.c
> index d3ab267..a87d67c 100644
> --- a/gdb/valprint.c
> +++ b/gdb/valprint.c
> @@ -2510,8 +2510,10 @@ val_print_string (struct type *elttype, const char *encoding,
> LEN is -1. */
>
> /* Determine found_nul by looking at the last character read. */
> - found_nul = extract_unsigned_integer (buffer + bytes_read - width, width,
> - byte_order) == 0;
> + found_nul = 0;
> + if (bytes_read >= width)
> + found_nul = extract_unsigned_integer (buffer + bytes_read - width, width,
> + byte_order) == 0;
> if (len == -1 && !found_nul)
> {
> gdb_byte *peekbuf;
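Review bot: The comment kept above the new guard, `/* Determine found_nul by looking at the last character read. */`, no longer describes the full behaviour: when `bytes_read < width` no character is examined at all and `found_nul` is simply left at 0, which for `len == -1` sends control into the `peekbuf` branch below. The condition itself is the right one, since `bytes_read >= width` is exactly what keeps `buffer + bytes_read - width` from pointing before the start of `buffer`, but a short extension of the comment saying why `bytes_read` can be smaller than `width` (a read cut short by unreadable inferior memory, per the patch subject) would spare the next reader the question Joel raises above about `bytes_read` being zero.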
--
Joel
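The defect the patch addresses is a pointer computed before the start of a buffer when the inferior read returns fewer bytes than one character width. The following C program is an added illustration written for this archive page, not code from GDB or from the patch: it models a partial read from a constructed block of "inferior memory" and applies the guarded check from the hunk. All names here (`read_memory_partial`, `last_char_is_nul`, `string_read_ended_in_nul`, the `byte_order` enum and the local `extract_unsigned_integer`) are stand-ins chosen for the example, and the readable-memory layout is constructed.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Stand-ins for GDB's types: assumed names for this example, not GDB's headers.  */
typedef unsigned char gdb_byte;
enum byte_order { BYTE_ORDER_LITTLE, BYTE_ORDER_BIG };

/* Minimal local version of extract_unsigned_integer: decode WIDTH bytes at
   BUF as an unsigned integer in the given byte order.  */
static uint64_t
extract_unsigned_integer (const gdb_byte *buf, size_t width, enum byte_order order)
{
  uint64_t value = 0;
  for (size_t i = 0; i < width; i++)
    {
      /* Consume the most significant byte first: the last byte for
         little-endian data, the first byte for big-endian data.  */
      size_t idx = (order == BYTE_ORDER_LITTLE) ? width - 1 - i : i;
      value = (value << 8) | buf[idx];
    }
  return value;
}

/* Constructed "inferior memory": only these bytes are readable.  Any address
   at or past READABLE_LEN behaves like unmapped memory and yields no data.  */
static const gdb_byte inferior_mem[8] = { 'h', 'i', 0, 0, 'x', 0, 0, 0 };
#define READABLE_LEN (sizeof inferior_mem)

/* Simulated partial read: copy up to LEN bytes from ADDR into BUFFER and stop
   at the readable boundary.  Returns the number of bytes actually read,
   which can be anything from 0 to LEN.  */
static size_t
read_memory_partial (size_t addr, gdb_byte *buffer, size_t len)
{
  if (addr >= READABLE_LEN)
    return 0;
  size_t avail = READABLE_LEN - addr;
  size_t n = len < avail ? len : avail;
  memcpy (buffer, inferior_mem + addr, n);
  return n;
}

/* The guarded test from the patch: inspect the last WIDTH-byte character
   only if a whole one was read.  Without the guard, BYTES_READ < WIDTH makes
   BUFFER + BYTES_READ - WIDTH point before the start of BUFFER, and WIDTH
   bytes are then read from outside the object (what AddressSanitizer flags).  */
static int
last_char_is_nul (const gdb_byte *buffer, size_t bytes_read, size_t width,
                  enum byte_order order)
{
  if (bytes_read < width)
    return 0;
  return extract_unsigned_integer (buffer + bytes_read - width, width, order) == 0;
}

/* Read up to LEN bytes of a string at ADDR and report whether the last
   character read was a NUL.  Returns 1 for NUL, 0 otherwise, including the
   case where no data (or less than one character) could be read.  */
int
string_read_ended_in_nul (size_t addr, size_t len, size_t width,
                          enum byte_order order)
{
  gdb_byte buffer[64];
  if (len > sizeof buffer)
    len = sizeof buffer;
  size_t bytes_read = read_memory_partial (addr, buffer, len);
  return last_char_is_nul (buffer, bytes_read, width, order);
}

int
main (void)
{
  printf ("addr 0, len 4, width 2: %d\n",
          string_read_ended_in_nul (0, 4, 2, BYTE_ORDER_LITTLE));   /* 1 */
  printf ("addr 8 (unreadable), len 4, width 4: %d\n",
          string_read_ended_in_nul (8, 4, 4, BYTE_ORDER_LITTLE));   /* 0 */
  printf ("addr 6, len 4, width 4 (short read): %d\n",
          string_read_ended_in_nul (6, 4, 4, BYTE_ORDER_LITTLE));   /* 0 */
  return 0;
}
```

The two zero results are the cases the guard exists for: a read at an unreadable address returns zero bytes, and a read that straddles the readable boundary returns fewer bytes than one character, so in both cases the old expression would have formed a pointer before the buffer.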