This is the mail archive of the gdb-patches@sourceware.org mailing list for the GDB project.
On 4/24/19 9:25 PM, Simon Marchi wrote:
> On 2019-04-24 20:56, Kevin Buettner wrote:
>> On Wed, 24 Apr 2019 10:27:39 -0600
>> Sandra Loosemore <sandra@codesourcery.com> wrote:
>>
>>> GDB was failing to catch cases where a corrupt ELF or core file
>>> contained an invalid length value in a Dwarf debug frame FDE header.
>>> It was checking for buffer overflow but not cases where the length was
>>> negative or caused pointer wrap-around.
>>>
>>> In addition to the additional validity check, this patch cleans up the
>>> multiple signed/unsigned conversions on the length field so that an
>>> unsigned representation is used consistently throughout.
>>>
>>> 2019-04-24  Sandra Loosemore  <sandra@codesourcery.com>
>>>             Kang Li  <kanglictf@gmail.com>
>>>
>>> PR gdb/21600
>>> * dwarf2-frame.c (read_initial_length): Be consistent about using
>>> unsigned representation of length.
>>> (decode_frame_entry_1): Likewise.  Check for wraparound of
>>> end pointer as well as buffer overflow.
>>
>> This is okay.
>>
>> Kevin
>
> I would just suggest using a more descriptive commit title, stating what the commit actually changes in the code. It's still good to reference the CVE number, but by itself is not very descriptive.

Done. I pushed it as "Detect invalid length field in debug frame FDE header."
-Sandra
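
The kind of length check the quoted patch summary describes, as an added example that is not part of the original message and is not GDB's dwarf2-frame.c code: a bounds test that holds the length as signed and only compares the computed end against the section end, next to one that keeps the length unsigned and compares it with the bytes remaining. The function names, the 32-byte sample section and the length values are constructed; the sketch assumes the 32-bit length format, host byte order, and offsets rather than raw pointers.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical helpers for illustration; not GDB's dwarf2-frame.c code.
   Assumes the 32-bit length format and host byte order. */

/* Weak form: length held as signed, end position computed first and
   compared only against the section end. */
static int fde_in_bounds_weak(const uint8_t *sec, size_t sec_size, size_t off)
{
    int32_t length;
    memcpy(&length, sec + off, 4);
    int64_t end = (int64_t) off + 4 + length;  /* negative length moves end backwards */
    return end <= (int64_t) sec_size;
}

/* Hardened form: length stays unsigned and is compared with the bytes
   remaining after the 4-byte field, so no end position is ever formed. */
static int fde_in_bounds_checked(const uint8_t *sec, size_t sec_size, size_t off)
{
    uint32_t length;
    if (sec_size < 4 || off > sec_size - 4)
        return 0;                              /* header itself must fit */
    memcpy(&length, sec + off, 4);
    return length <= sec_size - off - 4;
}

/* Constructed sample: 32-byte section whose first entry claims `length`. */
static int check_sample(uint32_t length, int hardened)
{
    uint8_t sec[32] = {0};
    memcpy(sec, &length, 4);
    return hardened ? fde_in_bounds_checked(sec, sizeof sec, 0)
                    : fde_in_bounds_weak(sec, sizeof sec, 0);
}

int main(void)
{
    const uint32_t lens[] = { 28u, 29u, 0x80000010u };  /* fits, overflows, "negative" */
    for (size_t i = 0; i < sizeof lens / sizeof lens[0]; i++)
        printf("length=0x%08x weak=%d checked=%d\n", (unsigned) lens[i],
               check_sample(lens[i], 0), check_sample(lens[i], 1));
    return 0;
}
```

Both forms reject the plain overflow (29 bytes claimed, 28 available); only the unsigned comparison rejects the length whose top bit is set.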