This is the mail archive of the gdb-patches@sourceware.cygnus.com mailing list for the GDB project.
Re: [PATCH] update: minor fixes in remote.c
- To: Philippe GIACINTI <Philippe dot Giacinti at sxb dot bsf dot alcatel dot fr>
- Subject: Re: [PATCH] update: minor fixes in remote.c
- From: Andrew Cagney <ac131313 at cygnus dot com>
- Date: Mon, 20 Mar 2000 19:18:59 +1100
- CC: gdb-patches at sourceware dot cygnus dot com
- Organization: Cygnus Solutions
- References: <14549.54618.39052.823724@gargle.gargle.HOWL>
Philippe GIACINTI wrote:
> @@ -3439,7 +3439,8 @@
> int todo;
> int i;
>
> - todo = min (len, max_buf_size / 2); /* num bytes that will fit */
> + todo = min (len, max_buf_size / 2 - 2); /* num bytes that will fit */
> + /* -2 for leading $ and trailing # + checksum (2 hex chars) */
>
> /* construct "m"<memaddr>","<len>" */
> /* sprintf (buf, "m%lx,%x", (unsigned long) memaddr, todo); */
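Review bot: The comment added under the new todo = min (len, max_buf_size / 2 - 2) line mixes units: the "- 2" is in payload bytes, while the leading $, the trailing # and the two checksum digits are four characters on the wire. The comment should say that 2 bytes (4 hex characters) are reserved for framing. Nothing in the hunk bounds max_buf_size from below, so for a value under 6 the expression max_buf_size / 2 - 2 is not positive and todo follows it; a check or assertion before the min () would make that case explicit. The reduction is also only needed if the receive path counts the framing characters against the packet buffer, which these lines do not show and which should be confirmed before the limit is lowered.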
>
> If the host side needs to read for example 500 bytes and assuming that the
> maximum buffer size is 400 chars, then without the fix, the remote side will
> be asked to send min (500, 400/2)=200 bytes, its answer will then be:
> $ ... 200 hex encoded bytes = 400 chars #CS = 400 + 4 chars which is greater
> than the max buffer size and will lead to an error from the host side.
> So we need to subtract 4 chars (i.e.: 2 hex encoded bytes) from requested
> number of bytes.
I'm still not sure that there is a problem here (I'm not saying that
there isn't though). Several changes late last year and the testsuite
addition remote.exp addressed/tested many of the buffer overflow
problems that were lingering in that code.
Do you have a debug session or test case that demonstrates the problem?
One thing to keep in mind is that, when receiving packets, the ``$'' and
``#NN'' are not included in the size of incoming packets as the remote
code does not use the packet buffer for those characters.
Andrew
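
An added example, not part of this thread and not GDB's remote.c code: a bounds-checked receiver for `$<data>#<checksum>` frames that stores only the payload, plus a helper showing how the largest safe `m` read length depends on whether the four framing characters are counted against the buffer. All function names and error codes are hypothetical.

```c
#include <ctype.h>
#include <stddef.h>
#include <string.h>

enum { RSP_BAD_FRAME = -1, RSP_TOO_BIG = -2 };   /* hypothetical error codes */
static const char hexdigits[] = "0123456789abcdef";
static unsigned char rsp_sum(const char *p, size_t n)   /* modulo-256 checksum */
{
    unsigned char sum = 0;
    while (n--) sum += (unsigned char) *p++;
    return sum;
}

/* Wrap payload as $<payload>#<checksum>; returns frame length, 0 if out is too small. */
size_t rsp_frame(const char *payload, size_t n, char *out, size_t out_size)
{
    unsigned char sum = rsp_sum(payload, n);
    if (out_size < n + 4) return 0;
    out[0] = '$';
    memcpy(out + 1, payload, n);
    out[n + 1] = '#';
    out[n + 2] = hexdigits[sum >> 4];
    out[n + 3] = hexdigits[sum & 0xf];
    return n + 4;
}

/* Check framing and checksum, then copy only the payload into buf (cap chars).
   Returns the payload length or a negative RSP_* error; never writes past cap. */
long rsp_unframe(const char *frame, size_t frame_len, char *buf, size_t cap)
{
    if (frame_len < 4 || frame[0] != '$' || frame[frame_len - 3] != '#')
        return RSP_BAD_FRAME;
    size_t n = frame_len - 4;
    unsigned char sum = rsp_sum(frame + 1, n);
    if (tolower((unsigned char) frame[frame_len - 2]) != hexdigits[sum >> 4]
        || tolower((unsigned char) frame[frame_len - 1]) != hexdigits[sum & 0xf])
        return RSP_BAD_FRAME;
    if (n > cap) return RSP_TOO_BIG;   /* reject before copying */
    memcpy(buf, frame + 1, n);
    return (long) n;
}

/* Bytes to request in one m packet so the hex reply fits cap chars, with
   `overhead` chars reserved: 0 if framing is not stored, 4 if it is. */
size_t rsp_max_read(size_t len, size_t cap, size_t overhead)
{
    size_t fit = cap > overhead ? (cap - overhead) / 2 : 0;
    return len < fit ? len : fit;
}
```

With the thread's numbers (500 bytes wanted, 400-character buffer), the helper returns 200 when framing is not stored and 198 when it is, and the receiver rejects an oversized payload instead of writing past the buffer in either case.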