From patchwork Tue Sep 20 16:19:37 2016
X-Patchwork-Submitter: Jonathan Wakely
X-Patchwork-Id: 15811
Date: Tue, 20 Sep 2016 17:19:37 +0100
From: Jonathan Wakely
To: Pedro Alves
Cc: gdb-patches@sourceware.org
Subject: Re: [PATCH] Diagnose invalid pointer arithmetic on gdb.Value
Message-ID: <20160920161936.GA5736@redhat.com>

On 20/09/16 16:41 +0100, Pedro Alves wrote:
>On 09/20/2016 03:46 PM, Jonathan Wakely wrote:
>> Instead of passing invalid arguments to value_binop and getting a
>> misleading error, raise a TypeError directly in valpy_binop_throw.
>
>Did you try changing value_binop instead?  The error string seems
>misleading even in C:
>
>(gdb) p ptr
>$1 = 0x601040 ""
>(gdb) p ptr + 1
>$2 = 0x601041 ""
>(gdb) p ptr + 1.0
>Argument to arithmetic operation not a number or boolean.
>(gdb)

Ah, so it's not specific to the Python API, in which case changing
value_binop (or scalar_binop more accurately) might make sense.

The check in scalar_binop *does* check for numbers, so the error is
accurate. The argument that triggers the errors is actually the
pointer argument, not the float one:

  if ((TYPE_CODE (type1) != TYPE_CODE_FLT
       && TYPE_CODE (type1) != TYPE_CODE_DECFLOAT
       && !is_integral_type (type1))
      || (TYPE_CODE (type2) != TYPE_CODE_FLT
          && TYPE_CODE (type2) != TYPE_CODE_DECFLOAT
          && !is_integral_type (type2)))
    error (_("Argument to arithmetic operation not a number or boolean."));

The problem is that pointer arithmetic with invalid operands ends up
here, because value_ptr{add,sub,diff} don't get called for invalid
arguments.

So maybe a better fix is to first check if either argument is a
pointer and give a more specific error, as attached (untested).

diff --git a/gdb/valarith.c b/gdb/valarith.c index de6fcfd..546d4b6 100644 --- a/gdb/valarith.c +++ b/gdb/valarith.c 
@@ -951,7 +951,9 @@ scalar_binop (struct value *arg1, struct value *arg2, enum exp_opcode op) type1 = check_typedef (value_type (arg1)); type2 = check_typedef (value_type (arg2)); - if ((TYPE_CODE (type1) != TYPE_CODE_FLT + if (TYPE_CODE (type1) == TYPE_CODE_PTR || TYPE_CODE (type2) == TYPE_CODE_PTR) + error (_("Invalid arguments to pointer arithmetic operation.")); + else if ((TYPE_CODE (type1) != TYPE_CODE_FLT && TYPE_CODE (type1) != TYPE_CODE_DECFLOAT && !is_integral_type (type1)) || (TYPE_CODE (type2) != TYPE_CODE_FLT
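Review bot: at the new `else if ((` line, the `else` is unnecessary because error () does not return, and adding it moves the opening parenthesis while the continuation lines (`&& TYPE_CODE (type1) != TYPE_CODE_DECFLOAT` onward) stay as unchanged context, so they no longer line up under it. Keeping the original `if ((` after the new pointer check avoids the misalignment and leaves the `-` line untouched. The new check also does not look at `op`, so any operator that reaches scalar_binop with a pointer operand will be reported as "pointer arithmetic"; confirm that wording fits every such operator. Since the mail marks the patch as untested, a testsuite case for `p ptr + 1.0` expecting the new message should accompany it.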