From patchwork Fri Dec 30 11:54:02 2022
X-Patchwork-Submitter: Alan Modra
X-Patchwork-Id: 37656
Date: Fri, 30 Dec 2022 22:24:02 +1030
To: binutils@sourceware.org
Subject: PR29948, heap-buffer-overflow in display_debug_lines_decoded
From: Alan Modra Reply-To: Alan Modra Errors-To: binutils-bounces+ouuuleilei=gmail.com@sourceware.org Sender: "Binutils" X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= X-GMAIL-THRID: =?utf-8?q?1753639820208268219?= X-GMAIL-MSGID: =?utf-8?q?1753639820208268219?= This fixes a couple of places in display_debug_lines_decoded that were off by one in checking DWARF5 .debug_line directory indices. It also displays the DWARF5 entry 0 for the program current directory rather than "." as is done for pre-DWARF5. I decided against displaying DW_AT_comp_dir for pre-DWARF5 since I figure it is better for readelf to minimally interpret debug info. binutils/ PR 29948 * dwarf.c (display_debug_lines_decoded): Display the given directory entry 0 for DWARF5. Properly check directory index against number of entries in the table. Revert to using unsigned int for n_directories and associated variables. Correct warning messages. gas/ * testsuite/gas/elf/dwarf-5-loc0.d: Update. diff --git a/binutils/dwarf.c b/binutils/dwarf.c index a00568dd3d8..cac26ad9c25 100644 --- a/binutils/dwarf.c +++ b/binutils/dwarf.c @@ -4899,7 +4899,7 @@ display_debug_lines_decoded (struct dwarf_section * section, File_Entry *file_table = NULL; unsigned int n_files = 0; char **directory_table = NULL; - uint64_t n_directories = 0; + unsigned int n_directories = 0; if (startswith (section->name, ".debug_line.") /* Note: the following does not apply to .debug_line.dwo sections. @@ -4949,8 +4949,8 @@ display_debug_lines_decoded (struct dwarf_section * section, if (linfo.li_version >= 5) { - unsigned char *format_start, format_count, *format; - uint64_t formati, entryi; + unsigned char *format_start, *format; + unsigned int format_count, formati, entryi; load_debug_section_with_follow (line_str, fileptr); 
@@ -5218,22 +5218,25 @@ display_debug_lines_decoded (struct dwarf_section * section, unsigned int ix = file_table[0].directory_index; const char *directory; - if (ix == 0) + if (ix == 0 && linfo.li_version < 5) directory = "."; /* PR 20439 */ else if (n_directories == 0) directory = _(""); - else if (ix > n_directories) + else { - warn (_("directory index %u > number of directories %" PRIu64 "\n"), - ix, n_directories); - directory = _(""); + if (linfo.li_version < 5) + --ix; + if (ix >= n_directories) + { + warn (_("directory index %u " + ">= number of directories %u\n"), + ix, n_directories); + directory = _(""); + } + else + directory = directory_table[ix]; } - else if (linfo.li_version >= 5) - directory = directory_table[ix]; - else - directory = directory_table[ix - 1]; - if (do_wide) printf (_("CU: %s/%s:\n"), null_name (directory), 
@@ -5397,45 +5400,53 @@ display_debug_lines_decoded (struct dwarf_section * section, READ_ULEB (uladv, data, end); state_machine_regs.file = uladv; - { - unsigned file = state_machine_regs.file; - unsigned dir; - - if (linfo.li_version < 5) - --file; + unsigned file = state_machine_regs.file; + if (linfo.li_version < 5) + --file; - if (file_table == NULL || n_files == 0) - printf (_("\n [Use file table entry %d]\n"), file); - /* PR 20439 */ - else if (file >= n_files) - { - warn (_("file index %u > number of files %u\n"), file, n_files); - printf (_("\n "), file); - } - else if ((dir = file_table[file].directory_index) == 0) - /* If directory index is 0, that means current directory. */ - printf ("\n./%s:[++]\n", null_name (file_table[file].name)); - else if (directory_table == NULL || n_directories == 0) - printf (_("\n [Use file %s in directory table entry %d]\n"), - null_name (file_table[file].name), dir); - /* PR 20439 */ - else if (dir > n_directories) - { - warn (_("directory index %u > number of directories %" PRIu64 "\n"), - dir, n_directories); - printf (_("\n \n"), dir); - } - else if (linfo.li_version >= 5) - printf ("\n%s/%s:\n", - /* The directory index starts counting at 0. */ - null_name (directory_table[dir]), - null_name (file_table[file].name)); - else - printf ("\n%s/%s:\n", - /* The directory index starts counting at 1. */ - null_name (directory_table[dir - 1]), - null_name (file_table[file].name)); - } + if (file_table == NULL || n_files == 0) + printf (_("\n [Use file table entry %d]\n"), file); + /* PR 20439 */ + else if (file >= n_files) + { + warn (_("file index %u >= number of files %u\n"), + file, n_files); + printf (_("\n "), file); + } + else + { + unsigned dir = file_table[file].directory_index; + if (dir == 0 && linfo.li_version < 5) + /* If directory index is 0, that means compilation + current directory. 
bfd/dwarf2.c shows + DW_AT_comp_dir here but in keeping with the + readelf practice of minimal interpretation of + file data, we show "./". */ + printf ("\n./%s:[++]\n", + null_name (file_table[file].name)); + else if (directory_table == NULL || n_directories == 0) + printf (_("\n [Use file %s " + "in directory table entry %d]\n"), + null_name (file_table[file].name), dir); + else + { + if (linfo.li_version < 5) + --dir; + /* PR 20439 */ + if (dir >= n_directories) + { + warn (_("directory index %u " + ">= number of directories %u\n"), + dir, n_directories); + printf (_("\n \n"), dir); + } + else + printf ("\n%s/%s:\n", + null_name (directory_table[dir]), + null_name (file_table[file].name)); + } + } break; case DW_LNS_set_column: @@ -5530,7 +5541,8 @@ display_debug_lines_decoded (struct dwarf_section * section, /* PR 20439 */ if (indx >= n_files) { - warn (_("corrupt file index %u encountered\n"), indx); + warn (_("file index %u >= number of files %u\n"), + indx, n_files); fileName = _(""); } else diff --git a/gas/testsuite/gas/elf/dwarf-5-loc0.d b/gas/testsuite/gas/elf/dwarf-5-loc0.d index 7e8473a486f..9439d103b1f 100644 --- a/gas/testsuite/gas/elf/dwarf-5-loc0.d +++ b/gas/testsuite/gas/elf/dwarf-5-loc0.d @@ -7,10 +7,10 @@ Contents of the \.debug_line section: -CU: \./foo\.c: +CU: .*/gas/testsuite/foo\.c: File name +Line number +Starting address +View +Stmt -\./foo.c:\[\+\+\] +.*/gas/testsuite/foo.c: foo\.c +1 +0x8 +x foo\.c +2 +0x10 +x foo\.c +- +0x10
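Review bot: In the @@ -4899 hunk, narrowing n_directories from uint64_t to unsigned int means every later `ix >= n_directories` test is only as good as the value stored at read time, and the read is not part of this patch. Please confirm that the count used to size directory_table is the same narrowed value, and that a count that does not fit in unsigned int is rejected or warned about rather than silently truncated. The same question applies to formati and entryi in the @@ -4949 hunk.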
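Review bot: In the @@ -5218 hunk, the new else branch reads directory_table[ix] after testing only `n_directories == 0`, while the @@ -5397 hunk guards the same kind of access with `directory_table == NULL || n_directories == 0`. Use the same guard at both sites so they cannot drift apart. Separately, for pre-DWARF5 input the warning prints ix after `--ix`, so the index it reports is one less than the value stored in the file; either print the original index or word the message so it is clear the number is zero-based.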
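Review bot: In the @@ -5397 hunk, `--file` for li_version < 5 wraps to UINT_MAX when state_machine_regs.file is 0. The `file >= n_files` test does catch that, but the earlier `file_table == NULL || n_files == 0` branch prints the wrapped value with %d, and the warning reports it as the file index. Handling a pre-DWARF5 file number of 0 explicitly before the decrement would give a meaningful message. The %d conversions for file and dir should also be %u since both are unsigned. Finally, dropping the braces leaves `unsigned file` declared in the middle of the switch body and in scope for the following case labels; keeping the block would be tidier.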
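Review bot: In the dwarf-5-loc0.d hunk, the new expected lines `CU: .*/gas/testsuite/foo\.c:` and `.*/gas/testsuite/foo.c:` tie the test to the name of the directory the assembler happens to be run from, since directory entry 0 is now printed. A pattern such as `.*/foo\.c:` would check the same behaviour without depending on the build tree layout. The second line also leaves the dot in `foo.c` unescaped, unlike the CU line above it.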