This is the mail archive of the gdb-patches@sourceware.cygnus.com mailing list for the GDB project.



Re: [PATCH] update: minor fixes in remote.c


Andrew Cagney <ac131313@cygnus.com> wrote:
 > Philippe GIACINTI wrote:
 > 
 > > @@ -3439,7 +3439,8 @@
 > >        int todo;
 > >        int i;
 > > 
 > > -      todo = min (len, max_buf_size / 2);      /* num bytes that will fit */
 > > +      todo = min (len, max_buf_size / 2 - 2);  /* num bytes that will fit */
 > > +      /* -2 for leading $ and trailing # + checksum (2 hex chars) */
 > > 
 > >        /* construct "m"<memaddr>","<len>" */
 > >        /* sprintf (buf, "m%lx,%x", (unsigned long) memaddr, todo); */
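Review bot: the new comment under the `todo` assignment says "-2" covers the leading `$`, the trailing `#` and the two checksum digits, but that is four characters, so the comment should state that the 2 is in bytes (each reply byte is two hex chars, hence 2 bytes = 4 chars of framing). It would also read better above the assignment than after the unchanged "num bytes that will fit" trailer. Separately, nothing visible here keeps `max_buf_size / 2 - 2` positive, so with a very small `max_buf_size` the `min` could leave `todo` at zero or below; a lower bound is worth adding if that size can occur.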
 > > 
 > > If the host side needs to read for example 500 bytes and assuming that the
 > > maximum buffer size is 400 chars, then without the fix, the remote side will
 > > be asked to send min (500, 400/2)=200 bytes, its answer will then be:
 > >    $ ... 200 hex encoded bytes = 400 chars #CS = 400 + 4 chars which is greater
 > > than the max buffer size and will lead to an error from the host side.
 > > So we need to subtract 4 chars (i.e.: 2 hex encoded bytes) from requested
 > > number of bytes.
 > 
 > I'm still not sure that there is a problem here (I'm not saying that
 > there isn't though).  Several changes late last year and the testsuite
 > addition remote.exp addressed/tested many of the buffer overflow
 > problems that were lingering in that code.
 > 
 > Do you have a debug session or test case that demonstrates the problem?
 > 
 > One thing to keep in mind is that, when receiving packets, the ``$'' and
 > ``#NN'' are not included in the size of incoming packets as the remote
 > code does not use the packet buffer for those characters.
 > 
 > 	Andrew
 > 
OK, you're right. I've checked with the last snapshot, and the problem doesn't
happen anymore. I had this problem with GDB-4.18 (see attached log) and fixed
it with the previous patch.
Sorry for the inconvenience ...
Anyway, the first part of the patch (using set_thread) should be OK.

Regards.
-- 
Philippe Giacinti - Alcatel Business Systems - PCD/SMB/SWPCC - CC S0645
1, route du Dr Albert Schweitzer - 67408 Illkirch Cedex - FRANCE
Tel: +33 (0)3.90.67.62.10 - Fax: +33 (0)3.90.67.77.93
mailto:Philippe.Giacinti@sxb.bsf.alcatel.fr

GNU gdb 4.18
Copyright 1998 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB.  Type "show warranty" for details.
This GDB was configured as "i386-redhat-linux"...
(gdb) set remotedebug 1
(gdb) go-remote 
Sending packet: $Hc-1#09...Ack
Packet received: OK
Sending packet: $qC#b4...Ack
Packet received: QC527c
Sending packet: $qOffsets#4b...Ack
Packet received: 
Sending packet: $?#3f...Ack
Packet received: T0508:e0850408;05:00000000;04:50f0ffbf;thread:527c;
0x80485e0 in _startSending packet: $m8049c2c,a8#ff...Ack
Packet received: 0100000010000000010000004b0000000c000000a48404080d0000003c8a0408040000002881040805000000c882040806000000b88104080a000000d50000000b00000010000000150000008832014003000000e09b040802000000780000001400000011000000170000002c840408110000002484040812000000080000001300000008000000feffff6fd4830408ffffff6f02000000f0ffff6fb28304080000000000000000
Sending packet: $m40013288,14#98...Ack
Packet received: 01000000a832014050a300400000000000000040
Sending packet: $m400132a8,c8#f7...Ack

    ()Remote packet too long: 00000000c70001402c9c04089038014000000000d034014000000000349c0408849c04087c9c04084c9c0408549c04085c9c0408000000000000000000000000649c04086c9c04083c9c0408449c04080000000000000000000000009c9c0408a49c0408ac9c04088c9c0408749c040800000000949c0408000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
Remote packet too long: 00000000c70001402c9c04089038014000000000d034014000000000349c0408849c04087c9c04084c9c0408549c04085c9c0408000000000000000000000000649c04086c9c04083c9c0408449c04080000000000000000000000009c9c0408a49c0408ac9c04088c9c0408749c040800000000949c0408000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
Remote packet too long: 00000000c70001402c9c04089038014000000000d034014000000000349c0408849c04087c9c04084c9c0408549c04085c9c0408000000000000000000000000649c04086c9c04083c9c0408449c04080000000000000000000000009c9c0408a49c0408ac9c04088c9c0408749c040800000000949c0408000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
Ignoring packet error, continuing...
Sending packet: $m4001336f,c8#fb...putpkt: Junk: #03
Remote packet too long: 000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000bc9c0408b49c040800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
Remote packet too long: 000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000bc9c0408b49c040800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
Remote packet too long: 000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000bc9c0408b49c040800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
Ignoring packet error, continuing...
putpkt: Junk: #2b
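
The size arithmetic debated in this thread, as an added example (not code from GDB's remote.c or from either poster): how many bytes an `m` request may ask for under each buffer-accounting assumption, and a receiver that checks the bound before copying. The names `max_read_len`, `rsp_unframe` and `framing_in_buf` are hypothetical, and the sketch assumes hex replies with no `#` inside the payload.

```c
#include <ctype.h>
#include <stddef.h>
#include <stdlib.h>
#include <string.h>

/* RSP checksum: sum of the payload bytes modulo 256. */
unsigned char rsp_checksum(const char *p, size_t n)
{
    unsigned char sum = 0;
    while (n--)
        sum += (unsigned char)*p++;
    return sum;
}

/* Largest byte count to request in one "m" packet so that the hex-encoded
   reply fits in buf_size chars.  framing_in_buf is 1 when "$" and "#NN" are
   stored in the same buffer (the patch's assumption), 0 when only the
   payload is (the receive path as Andrew describes it). */
long max_read_len(long buf_size, int framing_in_buf)
{
    long room = buf_size - (framing_in_buf ? 4 : 0);
    return room > 0 ? room / 2 : 0;
}

/* Copy the payload of one "$<payload>#NN" frame into out (no NUL added).
   Returns the payload length, -1 if it exceeds out_size, -2 if the frame
   is malformed or the checksum does not match. */
long rsp_unframe(const char *frame, size_t frame_len, char *out, size_t out_size)
{
    const char *hash;
    char cs[3];
    size_t n;

    if (frame_len < 4 || frame[0] != '$')
        return -2;
    hash = memchr(frame + 1, '#', frame_len - 1);
    if (hash == NULL || (size_t)(frame + frame_len - hash) != 3)
        return -2;
    n = (size_t)(hash - (frame + 1));
    if (n > out_size)
        return -1;                 /* bound checked before any byte is copied */
    cs[0] = hash[1]; cs[1] = hash[2]; cs[2] = '\0';
    if (!isxdigit((unsigned char)cs[0]) || !isxdigit((unsigned char)cs[1]))
        return -2;
    if (rsp_checksum(frame + 1, n) != (unsigned char)strtoul(cs, NULL, 16))
        return -2;
    memcpy(out, frame + 1, n);
    return (long)n;
}
```

With a 400-char buffer this gives 200 bytes per request when only the payload is stored and 198 when the framing shares the buffer, which matches the `max_buf_size / 2 - 2` in the patch.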
