fix bug with command `printf "%s\n", $_as_string($pc)`
Commit Message
I've attached the patch with correct formatting because my email client
replaces tabs with spaces. I'll leave the changelog entries as you
suggested.
Thanks again,
Matthew
> Just make sure to put each change in the relevant ChangeLog, the one
> "closest" to the change in the directory structure. For example, for
> your change, I would do:
>
> gdb/ChangeLog:
>
> * python/py-value.c (convert_value_from_python): Consider terminating
> NULL byte in string length.
>
> gdb/doc/ChangeLog:
>
> * gdb.texinfo (Convenience Variables for Tracepoints): Mention that
> trace_func should not be used with output and not printf.
>
> gdb/testsuite/ChangeLog:
>
> * gdb.python/py-as-string.c (malloc): New function.
> * gdb.python/py-as-string.exp (test_as_string): Test $_as_string on
> a string with printf.
> * gdb.python/py-mi.exp: Adjust array length.
>
>>> IIUC, the goal of overriding malloc is to ensure that the memory
>>> returned by malloc is not all zeroes, which would potentially hide the
>>> bug? If that's right, you could instead write a wrapper for malloc
>>> instead of a replacement. The wrapper would memset the allocated
>>> buffer to 'x'es, for example. This way, it will be safer in case
>>> there are many calls to malloc or calls with size > 51.
>>>
>>> See option #2 of this answer: http://stackoverflow.com/a/262481
>>
>> Yes, that was the reason. I used this way because I read that gdb also
>> worked on non-POSIX systems (Windows especially) and thought having a
>> working test on all systems would be preferred (though I didn't check
>> that all systems support the testing framework).
>> I believe that no other calls to malloc are made in the inferior for
>> this test, and that this program isn't used anywhere else, so this
>> limit of 51 bytes is never hit.
>> I agree this is a bug waiting to happen, so I can accept if the
>> alternate would be preferred, but I thought I'd mention my reasoning.
>
> That's a good justification too, I'm ok with either.
>
>
Comments
On 2017-02-26 08:20, Matthew Malcomson wrote:
> I've attached the patch with correct formatting because my email
> client replaces tabs with spaces. I'll leave the changelog entries as
> you suggested.
Just a heads up for others, the patch does not apply for me, I think
because it has CRLF line terminators. When I convert it to LF it
applies fine.
Just one comment:
void
*malloc (size_t size)
should be:
void *
malloc (size_t size)
Otherwise, the patch looks good to me. Now you just have to wait until
somebody with actual authority looks at it :).
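Added example, not part of the patch or of anyone's message in this thread: a small C model of why a length-counted string stored without its terminator over-reads under "%s", and why the test's arena must not be zero-filled for the bug to show. The names write_value, seen_by_percent_s and visible_length, and the sample string, are assumptions made for this illustration; only the 51-byte 'x'-filled arena mirrors the test program.

```c
#include <stdio.h>
#include <string.h>

/* Constructed stand-in for the inferior memory handed out by the test's
   malloc override: 50 filler bytes plus a final NUL as a backstop.  */
#define ARENA_SIZE 51
static char arena[ARENA_SIZE];

/* Hypothetical model of writing a length-counted value into inferior
   memory: exactly LEN bytes are copied, nothing more.  */
static char *
write_value (const char *bytes, size_t len, char fill)
{
  if (len > ARENA_SIZE - 1)
    return NULL;
  memset (arena, fill, ARENA_SIZE - 1);
  arena[ARENA_SIZE - 1] = '\0';
  memcpy (arena, bytes, len);
  return arena;
}

/* Number of bytes a "%s"-style reader consumes starting at P.  */
static size_t
seen_by_percent_s (const char *p)
{
  const char *end = memchr (p, '\0', ARENA_SIZE);
  return end != NULL ? (size_t) (end - p) : ARENA_SIZE;
}

/* Store S with or without its terminator and report what "%s" would read.  */
size_t
visible_length (const char *s, int with_nul, char fill)
{
  char *p = write_value (s, strlen (s) + (with_nul ? 1 : 0), fill);
  return p == NULL ? 0 : seen_by_percent_s (p);
}

int
main (void)
{
  const char *s = "\"hi\"";	/* constructed sample, 4 bytes */
  printf ("no NUL, 'x' fill : %zu\n", visible_length (s, 0, 'x'));
  printf ("no NUL, zero fill: %zu\n", visible_length (s, 0, '\0'));
  printf ("with NUL, 'x'    : %zu\n", visible_length (s, 1, 'x'));
  return 0;
}
```

With a zero-filled buffer the missing terminator goes unnoticed, which is the case the non-zero arena in the test is there to rule out.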
commit 28312c70fcba81ef50a93ff52dde47230efc35cb
Author: Matthew Malcomson <hardenedapple@gmail.com>
Date: Sun Feb 26 13:10:09 2017 +0000
convert_value_from_python include terminating NULL
When converting python strings to internal gdb Value strings, the NULL
byte was initially left out, this can result in extra data from the
inferior being printed when the resulting value is used with
printf "%s\n", value
@@ -13645,8 +13645,8 @@ The source file for the current trace snapshot.
The name of the function containing @code{$tracepoint}.
@end table
-Note: @code{$trace_file} is not suitable for use in @code{printf},
-use @code{output} instead.
+Note: @code{$trace_file} and @code{$trace_file} are not suitable for use in
+@code{printf}, use @code{output} instead.
Here's a simple example of using these convenience variables for
stepping through all the trace snapshots and printing some of their
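Review bot: The rewritten note names @code{$trace_file} twice in its first added line, so it still covers only one variable. The gdb/doc ChangeLog entry quoted earlier in the thread talks about trace_func, so the second occurrence presumably should be @code{$trace_func}; please correct it before this is pushed.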
@@ -1615,7 +1615,7 @@ convert_value_from_python (PyObject *obj)
gdb::unique_xmalloc_ptr<char> s
= python_string_to_target_string (obj);
if (s != NULL)
- value = value_cstring (s.get (), strlen (s.get ()),
+ value = value_cstring (s.get (), strlen (s.get ()) + 1,
builtin_type_pychar);
}
else if (PyObject_TypeCheck (obj, &value_object_type))
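Review bot: The + 1 in the value_cstring call has no comment, and a bare strlen (s.get ()) + 1 as a length argument is easy for a later cleanup to drop again. Add a short comment above the call saying that the length deliberately includes the terminating NUL so the resulting value can be used with printf "%s".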
@@ -15,6 +15,8 @@
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>. */
+#include <stddef.h>
+
enum EnumType {
ENUM_VALUE_A,
ENUM_VALUE_B,
@@ -22,6 +24,20 @@ enum EnumType {
ENUM_VALUE_D,
};
+static char arena[51] = "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx";
+
+/* Override malloc() so value_coerce_to_target() gets a known pointer, and we
+ know we'll see an error if $_as_string() returns a string that isn't NULL
+ terminated. */
+void
+*malloc (size_t size)
+{
+ if (size > sizeof (arena))
+ return NULL;
+
+ return arena;
+}
+
static enum EnumType enum_valid = ENUM_VALUE_B;
static enum EnumType enum_invalid = 20;
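Review bot: malloc returns the same arena for every request that fits in sizeof (arena), so a second allocation in the inferior would silently alias the first, and the comment above the function does not say that only one live allocation is expected. Either state that assumption in the comment or hand the arena out once and return NULL afterwards. As already raised in the thread, the declarator should read "void *" on one line and "malloc (size_t size)" on the next.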
@@ -35,6 +35,13 @@ proc test_as_string { } {
gdb_test "p \$_as_string(2)" "\"2\""
gdb_test "p \$_as_string(enum_valid)" "\"ENUM_VALUE_B\""
gdb_test "p \$_as_string(enum_invalid)" "\"20\""
+
+ # Test that the NULL character is included in the returned value.
+ gdb_test "printf \"%s\\n\", \$_as_string(\"hi\")" "\"hi\""
+ # Quote once to define the string, and once for the regexp.
+ gdb_test "interpreter-exec mi '-var-create test * \$_as_string(\"Hello\")'" \
+ "\\^done,name=\"test\",numchild=\"8\",value=\"\\\[8]\",type=\"char \\\[8]\",has_more=\"0\""
+ gdb_test "interpreter-exec mi '-var-delete test'" "\\^done,ndeleted=\"1\""
}
test_as_string
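Review bot: The expected -var-create output hard-codes 8 for numchild and for the char array type, and the only comment near it is about quoting. Add a comment saying how 8 is derived from $_as_string("Hello") with the terminator included, so a reader can check the number and it is not just adjusted the next time the test fails.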
@@ -281,7 +281,7 @@ mi_create_dynamic_varobj nstype2 nstype2 1 \
"create nstype2 varobj"
mi_list_varobj_children nstype2 {
- { {nstype2.<error at 0>} {<error at 0>} 6 {char \[6\]} }
+ { {nstype2.<error at 0>} {<error at 0>} 7 {char \[7\]} }
} "list children after setting exception flag"
mi_create_varobj me me \
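Review bot: The expected child type changing from char \[6\] to char \[7\] in mi_list_varobj_children shows that the extra byte is visible to MI clients as a longer array, not only in printf output. The commit message describes only the printf symptom; it should also say that array lengths reported for Python strings converted to values grow by one.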