http://sourceware.org/ml/gdb-patches/2012-09/msg00632.html Subject: [PATCH 2/4] Add a check to ensure that a type may fit into host memory --MP_/PnL6l3LUsXWpZ/olqawWlzb Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Content-Disposition: inline Hi, This is part two of the bitpos expansion patch. This implements checks in some places in the code to ensure that a type size in ULONGEST is small enough to fit into host memory. Tested for regressions on x86_64 Fedora 16. Regards, Siddhesh --MP_/PnL6l3LUsXWpZ/olqawWlzb Content-Type: text/plain Content-Transfer-Encoding: quoted-printable Content-Disposition: attachment; filename=ChangeLog-ensure_sizet gdb/ChangeLog * alpha-tdep.c (alpha_push_dummy_call) Check for underflow in SP. * cp-valprint (cp_print_value): Ensure BASECLASS fits into size_t. * dwarf2loc.c (read_pieced_value): Ensure that THIS_SIZE fits into size_t. (write_pieced_value): Likewise. * findcmd.c (parse_find_args): Ensure PATTERN_BUF_SIZE fits into size_t. * p-valprint (pascal_object_print_value): Ensure BASECLASS fits into size_t. * utils.c (ulongest_fits_host_or_error): New function to find if a ULONGEST number fits into size_t. * utils.h: Declare ulongest_fits_host_or_error. * valops.c (search_struct_method): Ensure BASECLASS fits into size_t. * value.c (allocate_value_lazy): Ensure TYPE fits into size_t. (allocate_value_contents): Likewise. (set_value_enclosing_type): Ensure NEW_ENCL_TYPE fits into size_t. * vax-tdep.c (vax_return_value): Ensure that TYPE fits into size_t. --MP_/PnL6l3LUsXWpZ/olqawWlzb Content-Type: text/x-patch Content-Transfer-Encoding: 7bit Content-Disposition: attachment; filename=bitpos-ensure-size_t.patch Index: gdb-7.5.0.20120926/gdb/alpha-tdep.c =================================================================== --- gdb-7.5.0.20120926.orig/gdb/alpha-tdep.c 2012-11-07 22:03:57.000000000 +0100 +++ gdb-7.5.0.20120926/gdb/alpha-tdep.c 2012-11-07 22:46:00.042902382 +0100 @@ -414,6 +414,13 @@ alpha_push_dummy_call (struct gdbarch *g accumulate_size = 0; else accumulate_size -= sizeof(arg_reg_buffer); + + /* Check for underflow. */ + if (sp - accumulate_size > sp) + error (_("Insufficient memory in GDB host for arguments, " + "need %s bytes, but less than %s bytes available."), + plongest (accumulate_size), plongest (CORE_ADDR_MAX - sp)); + sp -= accumulate_size; /* Keep sp aligned to a multiple of 16 as the ABI requires. */ Index: gdb-7.5.0.20120926/gdb/cp-valprint.c =================================================================== --- gdb-7.5.0.20120926.orig/gdb/cp-valprint.c 2012-11-07 22:12:14.000000000 +0100 +++ gdb-7.5.0.20120926/gdb/cp-valprint.c 2012-11-07 22:46:00.043902381 +0100 @@ -561,6 +561,8 @@ cp_print_value (struct type *type, struc gdb_byte *buf; struct cleanup *back_to; + ulongest_fits_host_or_error (TYPE_LENGTH (baseclass)); + buf = xmalloc (TYPE_LENGTH (baseclass)); back_to = make_cleanup (xfree, buf); Index: gdb-7.5.0.20120926/gdb/dwarf2loc.c =================================================================== --- gdb-7.5.0.20120926.orig/gdb/dwarf2loc.c 2012-11-07 22:09:29.000000000 +0100 +++ gdb-7.5.0.20120926/gdb/dwarf2loc.c 2012-11-07 22:46:00.070902342 +0100 @@ -1784,6 +1784,8 @@ read_pieced_value (struct value *v) this_size = (this_size_bits + source_offset_bits % 8 + 7) / 8; source_offset = source_offset_bits / 8; + ulongest_fits_host_or_error (this_size); + if (buffer_size < this_size) { buffer_size = this_size; @@ -1975,6 +1977,7 @@ write_pieced_value (struct value *to, st } else { + ulongest_fits_host_or_error (this_size); if (buffer_size < this_size) { buffer_size = this_size; Index: gdb-7.5.0.20120926/gdb/findcmd.c =================================================================== --- gdb-7.5.0.20120926.orig/gdb/findcmd.c 2012-11-07 22:03:57.000000000 +0100 +++ gdb-7.5.0.20120926/gdb/findcmd.c 2012-11-07 22:46:00.153902249 +0100 @@ -187,6 +187,7 @@ parse_find_args (char *args, ULONGEST *m size_t current_offset = pattern_buf_end - pattern_buf; pattern_buf_size = pattern_buf_size_need * 2; + ulongest_fits_host_or_error (pattern_buf_size); pattern_buf = xrealloc (pattern_buf, pattern_buf_size); pattern_buf_end = pattern_buf + current_offset; } Index: gdb-7.5.0.20120926/gdb/p-valprint.c =================================================================== --- gdb-7.5.0.20120926.orig/gdb/p-valprint.c 2012-11-07 22:09:29.000000000 +0100 +++ gdb-7.5.0.20120926/gdb/p-valprint.c 2012-11-07 22:46:00.163902208 +0100 @@ -827,6 +827,7 @@ pascal_object_print_value (struct type * gdb_byte *buf; struct cleanup *back_to; + ulongest_fits_host_or_error (TYPE_LENGTH (baseclass)); buf = xmalloc (TYPE_LENGTH (baseclass)); back_to = make_cleanup (xfree, buf); Index: gdb-7.5.0.20120926/gdb/utils.c =================================================================== --- gdb-7.5.0.20120926.orig/gdb/utils.c 2012-11-07 22:00:43.000000000 +0100 +++ gdb-7.5.0.20120926/gdb/utils.c 2012-11-07 22:46:00.166902202 +0100 @@ -3135,6 +3135,18 @@ host_address_to_string (const void *addr return str; } +/* Ensure that the input NUM is not larger than the maximum capacity of the + host system. We choose SIZE_MAX / 8 as a conservative estimate of the size + of a resource that a system may allocate. */ +void +ulongest_fits_host_or_error (ULONGEST num) +{ + if (num > SIZE_MAX / 8) + error (_("Insufficient memory in host GDB for object of size %s bytes, " + "maximum allowed %s bytes."), pulongest (num), + pulongest (SIZE_MAX / 8)); +} + char * gdb_realpath (const char *filename) { Index: gdb-7.5.0.20120926/gdb/valops.c =================================================================== --- gdb-7.5.0.20120926.orig/gdb/valops.c 2012-11-07 22:09:30.000000000 +0100 +++ gdb-7.5.0.20120926/gdb/valops.c 2012-11-07 22:46:00.181902181 +0100 @@ -2383,6 +2383,7 @@ search_struct_method (const char *name, struct cleanup *back_to; CORE_ADDR address; + ulongest_fits_host_or_error (TYPE_LENGTH (baseclass)); tmp = xmalloc (TYPE_LENGTH (baseclass)); back_to = make_cleanup (xfree, tmp); address = value_address (*arg1p); Index: gdb-7.5.0.20120926/gdb/value.c =================================================================== --- gdb-7.5.0.20120926.orig/gdb/value.c 2012-11-07 22:09:30.000000000 +0100 +++ gdb-7.5.0.20120926/gdb/value.c 2012-11-07 22:46:00.184902176 +0100 @@ -663,6 +663,7 @@ allocate_value_lazy (struct type *type) description correctly. */ check_typedef (type); + ulongest_fits_host_or_error (TYPE_LENGTH (type)); val = (struct value *) xzalloc (sizeof (struct value)); val->contents = NULL; val->next = all_values; @@ -694,6 +695,8 @@ allocate_value_lazy (struct type *type) void allocate_value_contents (struct value *val) { + ulongest_fits_host_or_error (TYPE_LENGTH (val->enclosing_type)); + if (!val->contents) val->contents = (gdb_byte *) xzalloc (TYPE_LENGTH (val->enclosing_type)); } @@ -2662,8 +2665,12 @@ void set_value_enclosing_type (struct value *val, struct type *new_encl_type) { if (TYPE_LENGTH (new_encl_type) > TYPE_LENGTH (value_enclosing_type (val))) - val->contents = - (gdb_byte *) xrealloc (val->contents, TYPE_LENGTH (new_encl_type)); + { + ulongest_fits_host_or_error (TYPE_LENGTH (new_encl_type)); + + val->contents = + (gdb_byte *) xrealloc (val->contents, TYPE_LENGTH (new_encl_type)); + } val->enclosing_type = new_encl_type; } Index: gdb-7.5.0.20120926/gdb/vax-tdep.c =================================================================== --- gdb-7.5.0.20120926.orig/gdb/vax-tdep.c 2012-11-07 22:09:24.000000000 +0100 +++ gdb-7.5.0.20120926/gdb/vax-tdep.c 2012-11-07 22:46:56.810819878 +0100 @@ -223,6 +223,7 @@ vax_return_value (struct gdbarch *gdbarc ULONGEST addr; regcache_raw_read_unsigned (regcache, VAX_R0_REGNUM, &addr); + ulongest_fits_host_or_error (TYPE_LENGTH (type)); read_memory (addr, readbuf, TYPE_LENGTH (type)); } Index: gdb-7.5.0.20120926/gdb/defs.h =================================================================== --- gdb-7.5.0.20120926.orig/gdb/defs.h 2012-11-07 22:00:43.111906109 +0100 +++ gdb-7.5.0.20120926/gdb/defs.h 2012-11-07 22:47:46.001001239 +0100 @@ -1170,4 +1170,6 @@ enum block_enum FIRST_LOCAL_BLOCK = 2 }; +extern void ulongest_fits_host_or_error (ULONGEST num); + #endif /* #ifndef DEFS_H */