From patchwork Mon Feb 29 22:48:14 2016
X-Patchwork-Submitter: Doug Evans
X-Patchwork-Id: 11147
Message-ID: <001a1149bdeead7ca6052cf071de@google.com>
Date: Mon, 29 Feb 2016 22:48:14 +0000
Subject: [PATCH 2/5]: Enhancements to "flags": Use LONGEST instead of int
From: Doug Evans
To: gdb-patches@sourceware.org
Cc: cole945@gmail.com

Hi.

This patch is just cleanup to use an int in more places, plus add checks for the conversion from LONGEST to int. [previously the code was silently ignoring conversion errors]

2016-02-29 Doug Evans

* target-descriptions.c (struct tdesc_type) : Change type from LONGEST to int.
(struct tdesc_type) : Ditto.
(tdesc_set_struct_size): Change type of "size" arg from LONGEST to int. Add assertion size > 0.
(tdesc_create_flags): Ditto.
* target-descriptions.h (tdesc_set_struct_size): Update.
(tdesc_create_flags): Update.
* xml-tdesc.c (MAX_FIELD_SIZE, MAX_FIELD_BITSIZE): New macros.
(MAX_VECTOR_SIZE): New macro.
(tdesc_start_struct): Catch conversion errors from LONGEST to int.
(tdesc_start_flags, tdesc_start_field, tdesc_start_vector): Ditto.

data->current_type_size = 0; @@ -308,13 +325,33 @@ tdesc_start_field (struct gdb_xml_parser *parser, attr = xml_find_attribute (attributes, "start"); if (attr != NULL) - start = * (ULONGEST *) attr->value; + { + ULONGEST ul_start = * (ULONGEST *) attr->value; + + if (ul_start > MAX_FIELD_BITSIZE) + { + gdb_xml_error (parser, + _("Field start %s is larger than maximum (%d)"), + pulongest (ul_start), MAX_FIELD_BITSIZE); + } + start = ul_start; + } else start = -1; attr = xml_find_attribute (attributes, "end"); if (attr != NULL) - end = * (ULONGEST *) attr->value; + { + ULONGEST ul_end = * (ULONGEST *) attr->value; + + if (ul_end > MAX_FIELD_BITSIZE) + { + gdb_xml_error (parser, + _("Field end %s is larger than maximum (%d)"), + pulongest (ul_end), MAX_FIELD_BITSIZE); + } + end = ul_end; + } else end = -1; 
@@ -389,12 +426,19 @@ tdesc_start_vector (struct gdb_xml_parser *parser, struct gdb_xml_value *attrs = VEC_address (gdb_xml_value_s, attributes); struct tdesc_type *field_type; char *id, *field_type_id; - int count; + ULONGEST count; id = (char *) attrs[0].value; field_type_id = (char *) attrs[1].value; count = * (ULONGEST *) attrs[2].value; + if (count > MAX_VECTOR_SIZE) + { + gdb_xml_error (parser, + _("Vector size %s is larger than maximum (%d)"), + pulongest (count), MAX_VECTOR_SIZE); + } + field_type = tdesc_named_type (data->current_feature, field_type_id); if (field_type == NULL) gdb_xml_error (parser, _("Vector \"%s\" references undefined type \"%s\""), diff --git a/gdb/target-descriptions.c b/gdb/target-descriptions.c index 5ba167f..ac6e3a2 100644 --- a/gdb/target-descriptions.c +++ b/gdb/target-descriptions.c @@ -150,14 +150,14 @@ typedef struct tdesc_type struct { VEC(tdesc_type_field) *fields; - LONGEST size; + int size; } u; /* Flags type. */ struct { VEC(tdesc_type_flag) *flags; - LONGEST size; + int size; } f; } u; } *tdesc_type_p; @@ -1340,9 +1340,10 @@ tdesc_create_struct (struct tdesc_feature *feature, const char *name) suffice. */ void -tdesc_set_struct_size (struct tdesc_type *type, LONGEST size) +tdesc_set_struct_size (struct tdesc_type *type, int size) { gdb_assert (type->kind == TDESC_TYPE_STRUCT); + gdb_assert (size > 0); type->u.u.size = size; } @@ -1360,10 +1361,12 @@ tdesc_create_union (struct tdesc_feature *feature, const char *name) struct tdesc_type * tdesc_create_flags (struct tdesc_feature *feature, const char *name, - LONGEST size) + int size) { struct tdesc_type *type = XCNEW (struct tdesc_type); + gdb_assert (size > 0); + type->name = xstrdup (name); type->kind = TDESC_TYPE_FLAGS; type->u.f.size = size; diff --git a/gdb/target-descriptions.h b/gdb/target-descriptions.h index 43f92ea..f777a92 100644 --- a/gdb/target-descriptions.h +++ b/gdb/target-descriptions.h 
@@ -229,12 +229,12 @@ struct tdesc_type *tdesc_create_vector (struct tdesc_feature *feature, int count); struct tdesc_type *tdesc_create_struct (struct tdesc_feature *feature, const char *name); -void tdesc_set_struct_size (struct tdesc_type *type, LONGEST size); +void tdesc_set_struct_size (struct tdesc_type *type, int size); struct tdesc_type *tdesc_create_union (struct tdesc_feature *feature, const char *name); struct tdesc_type *tdesc_create_flags (struct tdesc_feature *feature, const char *name, - LONGEST size); + int size); void tdesc_add_field (struct tdesc_type *type, const char *field_name, struct tdesc_type *field_type); void tdesc_add_bitfield (struct tdesc_type *type, const char *field_name, diff --git a/gdb/xml-tdesc.c b/gdb/xml-tdesc.c index b5439e5..adfe9fd 100644 --- a/gdb/xml-tdesc.c +++ b/gdb/xml-tdesc.c @@ -25,9 +25,14 @@ #include "xml-support.h" #include "xml-tdesc.h" #include "osabi.h" - #include "filenames.h" +/* Maximum sizes. + This is just to catch obviously wrong values. */ +#define MAX_FIELD_SIZE 65536 +#define MAX_FIELD_BITSIZE (MAX_FIELD_SIZE * TARGET_CHAR_BIT) +#define MAX_VECTOR_SIZE 65536 + #if !defined(HAVE_LIBEXPAT) /* Parse DOCUMENT into a target description. Or don't, since we don't have @@ -259,8 +264,14 @@ tdesc_start_struct (struct gdb_xml_parser *parser, attr = xml_find_attribute (attributes, "size"); if (attr != NULL) { - int size = (int) * (ULONGEST *) attr->value; + ULONGEST size = * (ULONGEST *) attr->value; + if (size > MAX_FIELD_SIZE) + { + gdb_xml_error (parser, + _("Struct size %s is larger than maximum (%d)"), + pulongest (size), MAX_FIELD_SIZE); + } tdesc_set_struct_size (type, size); data->current_type_size = size; } 
@@ -273,11 +284,17 @@ tdesc_start_flags (struct gdb_xml_parser *parser, { struct tdesc_parsing_data *data = (struct tdesc_parsing_data *) user_data; char *id = (char *) xml_find_attribute (attributes, "id")->value; - int length = (int) * (ULONGEST *) + ULONGEST size = * (ULONGEST *) xml_find_attribute (attributes, "size")->value; struct tdesc_type *type; - type = tdesc_create_flags (data->current_feature, id, length); + if (size > MAX_FIELD_SIZE) + { + gdb_xml_error (parser, + _("Flags size %s is larger than maximum (%d)"), + pulongest (size), MAX_FIELD_SIZE); + } + type = tdesc_create_flags (data->current_feature, id, size); data->current_type = type;
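
Review bot: In the tdesc_start_field hunk, `ul_start > MAX_FIELD_BITSIZE` and `ul_end > MAX_FIELD_BITSIZE` bound each attribute on its own, but nothing in the hunk rejects a start that is greater than end, and the `>` comparison accepts a value equal to MAX_FIELD_BITSIZE, which with zero-based bit positions is one past the last bit of a maximum-size field. If the rest of the function does not already validate the pair against each other and against data->current_type_size, add that check next to these with its own gdb_xml_error. The two blocks differ only in the attribute name, so a small helper taking the name would keep the limit and the message wording in step.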
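
Review bot: In the tdesc_start_vector hunk, count becomes ULONGEST and is tested only against MAX_VECTOR_SIZE, so a count of 0 is accepted, unlike the sizes that now carry a `size > 0` assertion elsewhere in this patch. The prototype visible in the target-descriptions.h hunk keeps `int count` for tdesc_create_vector, so any later call that passes this variable narrows implicitly and is safe only because of the new bound. Assigning the checked value to a local int after the test, as the field hunk does with `start = ul_start;`, would make the conversion explicit, and a zero check with gdb_xml_error would close the lower end.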
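
Review bot: The new `gdb_assert (size > 0);` in tdesc_set_struct_size and tdesc_create_flags is reachable from XML input, because tdesc_start_struct and tdesc_start_flags test only `size > MAX_FIELD_SIZE`. A description with size="0" passes the parser check and then trips the assertion, which turns malformed input from the target into an internal error instead of a parse error. Reject zero in both parser functions with gdb_xml_error before the call and keep the assertion as the API contract. Both callers also pass the ULONGEST straight to the int parameter after the check, which is correct only while gdb_xml_error never returns; an explicit cast or a short comment at the call would record that dependency.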
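
Review bot: The comment above the new MAX_FIELD_SIZE, MAX_FIELD_BITSIZE and MAX_VECTOR_SIZE macros in xml-tdesc.c does not say what unit each limit is in. The definition `(MAX_FIELD_SIZE * TARGET_CHAR_BIT)` implies bytes for the first and bits for the second, and MAX_VECTOR_SIZE reads as an element count; stating that in the comment would save readers from inferring it from the error messages. Separately, the subject line says "Use LONGEST instead of int" while the struct tdesc_type hunk changes `LONGEST size;` to `int size;`, so the subject should be reworded to match the direction of the change.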