This is the mail archive of the
gdb-cvs@sourceware.org
mailing list for the GDB project.
[binutils-gdb] Zero supplied stat buffers in functions that pretend to stat
- From: Gary Benson <gary at sourceware dot org>
- To: gdb-cvs at sourceware dot org
- Date: 14 Apr 2015 11:36:39 -0000
- Subject: [binutils-gdb] Zero supplied stat buffers in functions that pretend to stat
https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=326a5c7e368d49251ad48b2091388d8f424bfc54
commit 326a5c7e368d49251ad48b2091388d8f424bfc54
Author: Gary Benson <gbenson@redhat.com>
Date: Tue Apr 14 12:35:30 2015 +0100
Zero supplied stat buffers in functions that pretend to stat
GDB has five places where it pretends to stat for bfd_openr_iovec.
Four of these only set the incoming buffer's st_size, leaving the
other fields unchanged, which is to say very likely populated with
random values from the stack. remote_bfd_iovec_stat was fixed in
0a93529c56714b1da3d7106d3e0300764f8bb81c; this commit fixes the
other four.
gdb/ChangeLog:
* jit.c (mem_bfd_iovec_stat): Zero supplied buffer.
* minidebug.c (lzma_stat): Likewise.
* solib-spu.c (spu_bfd_iovec_stat): Likewise.
* spu-linux-nat.c (spu_bfd_iovec_stat): Likewise.
Diff:
---
gdb/ChangeLog | 7 +++++++
gdb/jit.c | 1 +
gdb/minidebug.c | 1 +
gdb/solib-spu.c | 1 +
gdb/spu-linux-nat.c | 1 +
5 files changed, 11 insertions(+)
diff --git a/gdb/ChangeLog b/gdb/ChangeLog
index 9a027f3..acb408b 100644
--- a/gdb/ChangeLog
+++ b/gdb/ChangeLog
@@ -1,3 +1,10 @@
+2015-04-14 Gary Benson <gbenson@redhat.com>
+
+ * jit.c (mem_bfd_iovec_stat): Zero supplied buffer.
+ * minidebug.c (lzma_stat): Likewise.
+ * solib-spu.c (spu_bfd_iovec_stat): Likewise.
+ * spu-linux-nat.c (spu_bfd_iovec_stat): Likewise.
+
2015-04-13 Stan Shebs <stanshebs@google.com>
* MAINTAINERS: Update my email address.
diff --git a/gdb/jit.c b/gdb/jit.c
index e872c8f..f977ea6 100644
--- a/gdb/jit.c
+++ b/gdb/jit.c
@@ -126,6 +126,7 @@ mem_bfd_iovec_stat (struct bfd *abfd, void *stream, struct stat *sb)
{
struct target_buffer *buffer = (struct target_buffer*) stream;
+ memset (sb, 0, sizeof (struct stat));
sb->st_size = buffer->size;
return 0;
}
diff --git a/gdb/minidebug.c b/gdb/minidebug.c
index cc20914..98c2187 100644
--- a/gdb/minidebug.c
+++ b/gdb/minidebug.c
@@ -241,6 +241,7 @@ lzma_stat (struct bfd *abfd,
{
struct gdb_lzma_stream *lstream = stream;
+ memset (sb, 0, sizeof (struct stat));
sb->st_size = lzma_index_uncompressed_size (lstream->index);
return 0;
}
diff --git a/gdb/solib-spu.c b/gdb/solib-spu.c
index 250cf21..44fbf91 100644
--- a/gdb/solib-spu.c
+++ b/gdb/solib-spu.c
@@ -313,6 +313,7 @@ spu_bfd_iovec_stat (bfd *abfd, void *stream, struct stat *sb)
table to find the extent of the last section but that seems
pointless when the size is needed only for checks of other
parsed values in dbxread.c. */
+ memset (sb, 0, sizeof (struct stat));
sb->st_size = INT_MAX;
return 0;
}
diff --git a/gdb/spu-linux-nat.c b/gdb/spu-linux-nat.c
index b0942a9..a043f53 100644
--- a/gdb/spu-linux-nat.c
+++ b/gdb/spu-linux-nat.c
@@ -313,6 +313,7 @@ spu_bfd_iovec_stat (struct bfd *abfd, void *stream, struct stat *sb)
table to find the extent of the last section but that seems
pointless when the size is needed only for checks of other
parsed values in dbxread.c. */
+ memset (sb, 0, sizeof (struct stat));
sb->st_size = INT_MAX;
return 0;
}