rpms/gdb
7
0
Fork 0
Code Issues Pull Requests Releases Activity

Backport upstream commit for overly large gdb-index files

Browse Source 
Backport upstream commit which prevents internal error when
generating an overly large gdb-index file.  (RHBZ 1773651, Kevin
Buettner.)
This commit is contained in:
Kevin Buettner 2023-10-02 16:42:52 -07:00
parent fec73092bb
commit f4fc320c3e
5 changed files with 117 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
_gdb.spec.Patch.include
View File

@ -213,3 +213,7 @@ Patch048: gdb-rhbz2233961-CVE-2022-4806.patch
# Backport PR29925, Memory leak in find_abstract_instance # Backport PR29925, Memory leak in find_abstract_instance
Patch049: gdb-rhbz2233965-memory-leak.patch Patch049: gdb-rhbz2233965-memory-leak.patch
# Backport upstream patch which prevents internal error when
# generating a gdb-index file (RH BZ 1773651).
Patch050: gdb-rhbz1773651-gdb-index-internal-error.patch

1
_gdb.spec.patch.include
View File

@ -47,3 +47,4 @@
%patch -p1 -P047 %patch -p1 -P047
%patch -p1 -P048 %patch -p1 -P048
%patch -p1 -P049 %patch -p1 -P049
%patch -p1 -P050

1
_patch_order
View File

@ -47,3 +47,4 @@ gdb-bz2237515-debuginfod-double-free.patch
gdb-bz2237392-dwarf-obstack-allocation.patch gdb-bz2237392-dwarf-obstack-allocation.patch
gdb-rhbz2233961-CVE-2022-4806.patch gdb-rhbz2233961-CVE-2022-4806.patch
gdb-rhbz2233965-memory-leak.patch gdb-rhbz2233965-memory-leak.patch
gdb-rhbz1773651-gdb-index-internal-error.patch

105
gdb-rhbz1773651-gdb-index-internal-error.patch Normal file
View File

@ -0,0 +1,105 @@
From FEDORA_PATCHES Mon Sep 17 00:00:00 2001
From: Kevin Buettner <kevinb@redhat.com>
Date: Mon, 2 Oct 2023 15:05:23 -0700
Subject: gdb-rhbz1773651-gdb-index-internal-error.patch
;; Backport upstream patch which prevents internal error when
;; generating a gdb-index file (RH BZ 1773651).
Throw error when creating an overly large gdb-index file
The header in a .gdb_index section uses 32-bit unsigned offsets to
refer to other areas of the section. Thus, there is a size limit of
2^32-1 which is currently unaccounted for by GDB's code for outputting
these sections.
At the moment, when GDB creates an overly large section, it will exit
abnormally due to an internal error, which is caused by a failed
assert in assert_file_size, which in turn is called from
write_gdbindex_1, both of which are in gdb/dwarf2/index-write.c.
This is what happens when that assert fails:
$ gdb -q -nx -iex 'set auto-load no' -iex 'set debuginfod enabled off' -ex file ./libgraph_tool_inference.so -ex "save gdb-index `pwd`/"
Reading symbols from ./libgraph_tool_inference.so...
No executable file now.
Discard symbol table from `libgraph_tool_inference.so'? (y or n) n
Not confirmed.
../../gdb/dwarf2/index-write.c:1069: internal-error: assert_file_size: Assertion `file_size == expected_size' failed.
A problem internal to GDB has been detected,
further debugging may prove unreliable.
----- Backtrace -----
0x55fddb4d78b0 gdb_internal_backtrace_1
../../gdb/bt-utils.c:122
0x55fddb4d78b0 _Z22gdb_internal_backtracev
../../gdb/bt-utils.c:168
0x55fddb98b5d4 internal_vproblem
../../gdb/utils.c:396
0x55fddb98b8de _Z15internal_verrorPKciS0_P13__va_list_tag
../../gdb/utils.c:476
0x55fddbb71654 _Z18internal_error_locPKciS0_z
../../gdbsupport/errors.cc:58
0x55fddb5a0f23 assert_file_size
../../gdb/dwarf2/index-write.c:1069
0x55fddb5a1ee0 assert_file_size
/usr/include/c++/13/bits/stl_iterator.h:1158
0x55fddb5a1ee0 write_gdbindex_1
../../gdb/dwarf2/index-write.c:1119
0x55fddb5a51be write_gdbindex
../../gdb/dwarf2/index-write.c:1273
[...]
---------------------
../../gdb/dwarf2/index-write.c:1069: internal-error: assert_file_size: Assertion `file_size == expected_size' failed.
This problem was encountered while building the python-graph-tool
package on Fedora. The Fedora bugzilla bug can be found here:
https://bugzilla.redhat.com/show_bug.cgi?id=1773651
This commit prevents the internal error from occurring by calling error()
when the file size exceeds 2^32-1.
Using a gdb built with this commit, I now see this behavior instead:
$ gdb -q -nx -iex 'set auto-load no' -iex 'set debuginfod enabled off' -ex file ./libgraph_tool_inference.so -ex "save gdb-index `pwd`/"
Reading symbols from ./libgraph_tool_inference.so...
No executable file now.
Discard symbol table from `/mesquite2/fedora-bugs/1773651/libgraph_tool_inference.so'? (y or n) n
Not confirmed.
Error while writing index for `/mesquite2/fedora-bugs/1773651/libgraph_tool_inference.so': gdb-index maximum file size of 4294967295 exceeded
(gdb)
I wish I could provide a test case, but due to the sizes of both the
input and output files, I think that testing resources would be
strained or exceeded in many environments.
My testing on Fedora 38 shows no regressions.
Approved-by: Tom Tromey <tom@tromey.com>
diff --git a/gdb/dwarf2/index-write.c b/gdb/dwarf2/index-write.c
--- a/gdb/dwarf2/index-write.c
+++ b/gdb/dwarf2/index-write.c
@@ -1082,7 +1082,7 @@ write_gdbindex_1 (FILE *out_file,
{
data_buf contents;
const offset_type size_of_header = 6 * sizeof (offset_type);
- offset_type total_len = size_of_header;
+ size_t total_len = size_of_header;
/* The version number. */
contents.append_offset (8);
@@ -1109,6 +1109,13 @@ write_gdbindex_1 (FILE *out_file,
gdb_assert (contents.size () == size_of_header);
+ /* The maximum size of an index file is limited by the maximum value
+ capable of being represented by 'offset_type'. Throw an error if
+ that length has been exceeded. */
+ size_t max_size = ~(offset_type) 0;
+ if (total_len > max_size)
+ error (_("gdb-index maximum file size of %zu exceeded"), max_size);
+
contents.file_write (out_file);
cu_list.file_write (out_file);
types_cu_list.file_write (out_file);

7
gdb.spec
View File

@ -57,7 +57,7 @@ Version: 13.2
# The release always contains a leading reserved number, start it at 1. # The release always contains a leading reserved number, start it at 1.
# `upstream' is not a part of `name' to stay fully rpm dependencies compatible for the testing. # `upstream' is not a part of `name' to stay fully rpm dependencies compatible for the testing.
Release: 10%{?dist} Release: 11%{?dist}
License: GPL-3.0-or-later AND BSD-3-clause AND FSFAP AND LGPL-2.1-or-later AND GPL-2.0-or-later AND LGPL-2.0-or-later AND LicenseRef-Fedora-Public-Domain AND GFDL-1.3-or-later AND LGPL-2.0-or-later WITH GCC-exception-2.0 AND GPL-3.0-or-later WITH GCC-exception-3.1 AND GPL-2.0-or-later WITH GNU-compiler-exception License: GPL-3.0-or-later AND BSD-3-clause AND FSFAP AND LGPL-2.1-or-later AND GPL-2.0-or-later AND LGPL-2.0-or-later AND LicenseRef-Fedora-Public-Domain AND GFDL-1.3-or-later AND LGPL-2.0-or-later WITH GCC-exception-2.0 AND GPL-3.0-or-later WITH GCC-exception-3.1 AND GPL-2.0-or-later WITH GNU-compiler-exception
# Do not provide URL for snapshots as the file lasts there only for 2 days. # Do not provide URL for snapshots as the file lasts there only for 2 days.
@ -1252,6 +1252,11 @@ fi
%endif %endif
%changelog %changelog
* Mon Oct 2 2023 Kevin Buettner <kevinb@redhat.com> - 13.2-11
- Backport upstream commit which prevents internal error when
generating an overly large gdb-index file. (RHBZ 1773651, Kevin
Buettner.)
* Sun Oct 1 2023 Alexandra Hájková <ahajkova@redhat.com> - 13.2-10 * Sun Oct 1 2023 Alexandra Hájková <ahajkova@redhat.com> - 13.2-10
- Backport upstream commit d28fbc7197b which fixes RHBZ 2233965 ( - Backport upstream commit d28fbc7197b which fixes RHBZ 2233965 (
CVE-2022-48065). CVE-2022-48065).