This is the mail archive of the gdb-patches@sourceware.org mailing list for the GDB project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

Re: [patch] validate binary before use

From: Aleksandar Ristovski <aristovski at qnx dot com>
To: Jan Kratochvil <jan dot kratochvil at redhat dot com>
Cc: <gdb-patches at sourceware dot org>
Date: Thu, 4 Apr 2013 09:03:05 -0400
Subject: Re: [patch] validate binary before use
Newsgroups: gmane.comp.gdb.patches
References: <510A7EB0 dot 90702 at qnx dot com> <51278A2A dot 9000802 at qnx dot com> <512E42D1 dot 3040101 at qnx dot com> <514C58B2 dot 6090701 at qnx dot com> <20130328183727 dot GA14798 at host2 dot jankratochvil dot net> <515B0632 dot 1040502 at qnx dot com> <20130402165306 dot GA9479 at host2 dot jankratochvil dot net> <515B12D1 dot 7050505 at qnx dot com> <20130403180917 dot GA6102 at host2 dot jankratochvil dot net> <515CDF7F dot 5020403 at qnx dot com> <20130404081302 dot GA4099 at host2 dot jankratochvil dot net>

On 13-04-04 04:13 AM, Jan Kratochvil wrote:

On Thu, 04 Apr 2013 04:03:43 +0200, Aleksandar Ristovski wrote:

Actually, as I think about this more, we can not use section from
possibly unrelated bfd to read build-id in native debugging case. At
a minimum, we can not store such build-id as abfd may not even
relate to what's in target's memory.


Why?

If the target shared library does not match then GDB will read some random
memory.  The target shared library may not even have any build-id.

As the build-id has 160 bits there is 1:2^160 probability of a false positive,
that is safe enough.

The problem is, we could 'remember' build-id that is garbage. I will addchecking for GNU\0 and note type, and then the likelihood that somewhatrandom memory will match namesz, name and type will be very low (thoughthe likelihood has nothing to do with the 160 bits of build-id; build-idis not necessarily 160 bits either).


The rest of the e-mail applies:

The chunk of code that is in svr4_relocate_section_addresses in the

you probably mean              solib_map_sections

latest version of the patch needs to go back to svr4_validate, and
not store build-id.



I do not understand this whole mail, it would be best to provide a countercase
where the current patchset does not behave correctly.

The above should explain why is current patchset incorrect (inparticular patch #7).

The rest is about design and duplicated functionality. The functionalityof gdbserver where it fetches the list is exactly the same what -nat cando; in fact this could be the same code; and then solib-svr4.c dealsonly with TARGET_OBJECT_LIBRARIES_SVR4. The infrastructure is in place.

Impact on solib-svr4.c: svr4_validate would be exactly as it is now,simply check. svr4_relocate_section_addresses would not need the kludgefor reading build-id, there would be only one path of getting build-id.

Not to be neglected is that by doing so, it would be possible to lookfor the debug binary directly, by using build-id instead of openingobjfile and then looking for separate_debug_fie.



---
Aleksandar

Follow-Ups:
- Re: [patch] validate binary before use
  - From: Jan Kratochvil
- Re: [patch] validate binary before use
  - From: Aleksandar Ristovski
- Re: [patch] validate binary before use
  - From: Jan Kratochvil

References:
- Re: [patch] validate binary before use
  - From: Aleksandar Ristovski
- Re: [patch] validate binary before use
  - From: Jan Kratochvil
- Re: [patch] validate binary before use
  - From: Aleksandar Ristovski
- Re: [patch] validate binary before use
  - From: Jan Kratochvil
- Re: [patch] validate binary before use
  - From: Aleksandar Ristovski
- Re: [patch] validate binary before use
  - From: Jan Kratochvil

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]