This is the mail archive of the
gdb-patches@sources.redhat.com
mailing list for the GDB project.
Re: Minor off-by-one error in command_line_handler
- From: Daniel Jacobowitz <drow at mvista dot com>
- To: gdb-patches at sources dot redhat dot com
- Date: Fri, 29 Mar 2002 02:54:00 -0500
- Subject: Re: Minor off-by-one error in command_line_handler
- References: <20020327000106.A24311@molenda.com>
On Wed, Mar 27, 2002 at 12:01:07AM -0800, Jason Molenda wrote:
> The other problem is with the ALL_BLOCK_SYMBOLS macro. It looks
> like this
>
> /* Macro to loop through all symbols in a block BL.
> i counts which symbol we are looking at, and sym points to the current
> symbol. */
> #define ALL_BLOCK_SYMBOLS(bl, i, sym) \
> for ((i) = 0, (sym) = BLOCK_SYM ((bl), (i)); \
> (i) < BLOCK_NSYMS ((bl)); \
> ++(i), (sym) = BLOCK_SYM ((bl), (i)))
>
> Where the block structure (BL) ends with an array of pointers to
> symbols. The third expression in the for statement increments the
> index variable and reads the address at the i'th element of the
> bl->sym[] array.
>
> So when a block has 2 symbols, bl->sym[0] and bl->sym[1] contain
> values. On the last evaluation of this loop, i is pre-incremented
> from 1 to 2 and the statement 'sym = bl->nsym[2]' is done - we're
> reading one element past the end of the array.
>
> The invalid memory we just read is not used -- the conditional
> expression is then evaluated and the loop exits. The only way
> I can see this causing a problem is on a system where reading
> that unallocated word of memory would cause a segfault. Unless
> other people have heard complaints about gdb 5.1 doing so, I
> don't think this is worth worrying about.
My fault (and after 5.1, I think). This will cause errors with any
good memory checker, so I suppose it should be fixed. This incurs a
little slowdown, but was the best way I could think of to do it... OK
to check in?
--
Daniel Jacobowitz Carnegie Mellon University
MontaVista Software Debian GNU/Linux Developer
2002-03-29 Daniel Jacobowitz <drow@mvista.com>
* symtab.h (ALL_BLOCK_SYMBOLS): Don't dereference the pointer
after the last symbol in a block.
Index: symtab.h
===================================================================
RCS file: /cvs/src/src/gdb/symtab.h,v
retrieving revision 1.29
diff -u -p -r1.29 symtab.h
--- symtab.h 2002/03/27 23:10:24 1.29
+++ symtab.h 2002/03/29 07:52:56
@@ -411,7 +411,9 @@ struct block
#define ALL_BLOCK_SYMBOLS(bl, i, sym) \
for ((i) = 0, (sym) = BLOCK_SYM ((bl), (i)); \
(i) < BLOCK_NSYMS ((bl)); \
- ++(i), (sym) = BLOCK_SYM ((bl), (i)))
+ ++(i), (sym) = ((i) < BLOCK_NSYMS ((bl))) \
+ ? BLOCK_SYM ((bl), (i)) \
+ : NULL)
/* Nonzero if symbols of block BL should be sorted alphabetically.
Don't sort a block which corresponds to a function. If we did the