PR27218, memory access violation in dwarf2dbg.c

Alan Modra amodra@gmail.com
Thu Jan 21 08:36:43 GMT 2021


It's not correct to set dwarf_level to 5 when it might be higher in
the future.  Testing DWARF2_LINE_VERSION doesn't necessarily cover
that, since the macro might be changed in the future too.  So fix that
and report errors for negative file numbers.

	PR 27218
	* dwarf2dbg.c (dwarf2_gen_line_info): Correct setting of dwarf_level.
	(dwarf2_directive_filename, dwarf2_directive_loc): Likewise, and
	error for negative file numbers.

diff --git a/gas/dwarf2dbg.c b/gas/dwarf2dbg.c
index 069f6316643..8e632404c4f 100644
--- a/gas/dwarf2dbg.c
+++ b/gas/dwarf2dbg.c
@@ -550,9 +550,10 @@ dwarf2_gen_line_info (addressT ofs, struct dwarf2_line_info *loc)
   /* Early out for as-yet incomplete location information.  */
   if (loc->line == 0)
     return;
-  if (loc->filenum == 0 && DWARF2_LINE_VERSION < 5)
+  if (loc->filenum == 0)
     {
-      dwarf_level = 5;
+      if (dwarf_level < 5)
+	dwarf_level = 5;
       if (DWARF2_LINE_VERSION < 5)
 	return;
     }
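Review bot: The inner `if (DWARF2_LINE_VERSION < 5) return;` drops the line entry for file 0 without any diagnostic, and nothing in the block explains why. A short comment above `if (loc->filenum == 0)` would help, e.g. `/* File 0 only exists in DWARF 5: raise dwarf_level, and emit nothing if this target's line table is older.  */`. The directive handlers in the later hunks call as_bad for the same condition, so it is worth stating whether the silence here is deliberate. The function body starts and ends outside the hunk.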
@@ -1046,10 +1047,11 @@ dwarf2_directive_filename (void)
 
   num = get_absolute_expression ();
 
-  if ((offsetT) num < 1 && DWARF2_LINE_VERSION < 5)
+  if ((offsetT) num < 1)
     {
-      dwarf_level = 5;
-      if (DWARF2_LINE_VERSION < 5)
+      if (dwarf_level < 5)
+	dwarf_level = 5;
+      if ((offsetT) num < 0 || DWARF2_LINE_VERSION < 5)
 	{
 	  as_bad (_("file number less than one"));
 	  ignore_rest_of_line ();
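Review bot: `dwarf_level` is raised before `num` is validated, so a negative file number bumps the global to 5 and is only then rejected by as_bad; the dwarf2_directive_loc hunk has the same ordering. Since as_bad presumably fails the assembly, the effect is likely harmless, but rejecting first keeps invalid input from changing state. I would test `(offsetT) num < 0 || DWARF2_LINE_VERSION < 5` and bail out on error first, then run `if (dwarf_level < 5) dwarf_level = 5;` only for the accepted file-0 case. The error block continues past the end of the hunk.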
@@ -1149,18 +1151,16 @@ dwarf2_directive_loc (int dummy ATTRIBUTE_UNUSED)
 
   if (filenum < 1)
     {
-      if (filenum != 0 || DWARF2_LINE_VERSION < 5)
+      if (dwarf_level < 5)
+	dwarf_level = 5;
+      if (filenum < 0 || DWARF2_LINE_VERSION < 5)
 	{
-	  dwarf_level = 5;
-	  if (DWARF2_LINE_VERSION < 5)
-	    {
-	      as_bad (_("file number less than one"));
-	      return;
-	    }
+	  as_bad (_("file number less than one"));
+	  return;
 	}
     }
 
-  if (filenum >= (int) files_in_use || files[filenum].filename == NULL)
+  if ((valueT) filenum >= files_in_use || files[filenum].filename == NULL)
     {
       as_bad (_("unassigned file number %ld"), (long) filenum);
       return;
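Review bot: The `(valueT) filenum` cast is what would keep a negative index out of `files[filenum]` if the earlier `filenum < 0` rejection were ever relaxed, and that is not obvious from the line itself. I would add a comment above it such as `/* Compare as unsigned so a negative filenum can never index files[].  */`. Separately, `(long) filenum` in the as_bad call may truncate the reported value on hosts where long is narrower than filenum's type, which is declared outside this hunk. The function continues outside the hunk.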

-- 
Alan Modra
Australia Development Lab, IBM

