Message ID | 20190308210433.32683-4-tromey@adacore.com |
---|---|
State | New, archived |
Headers | From: Tom Tromey <tromey@adacore.com> To: gdb-patches@sourceware.org Cc: Tom Tromey <tromey@adacore.com> Subject: [RFC 8.3 3/3] Avoid a crash in source_cache::extract_lines Date: Fri, 8 Mar 2019 14:04:33 -0700 Message-Id: <20190308210433.32683-4-tromey@adacore.com> In-Reply-To: <20190308210433.32683-1-tromey@adacore.com> References: <20190308210433.32683-1-tromey@adacore.com> |
Commit Message
Tom Tromey
March 8, 2019, 9:04 p.m. UTC
If the first requested line is larger than the number of lines in the
source buffer, source_cache::extract_lines could crash, because it
would try to pass string::npos to string::substr.

This patch avoids the crash by checking for this case.

gdb/ChangeLog
2019-03-08  Tom Tromey  <tromey@adacore.com>

* source-cache.c (source_cache::extract_lines): Handle case where
first_pos==npos.

---
gdb/ChangeLog | 5 +++++
gdb/source-cache.c | 2 ++
2 files changed, 7 insertions(+)
Comments
On 03/08/2019 09:04 PM, Tom Tromey wrote:
> If the first requested line is larger than the number of lines in the
> source buffer, source_cache::extract_lines could crash, because it
> would try to pass string::npos to string::substr.
>
> This patch avoids the crash by checking for this case.

Can you clarify how can first_pos end up as npos? Is that a bug in the
caller, or is it normal? The documentation doesn't seem to allow for that:

    /* Get the source text for the source file in symtab S. FIRST_LINE
       and LAST_LINE are the first and last lines to return; line
       numbers are 1-based. If the file cannot be read, false is
       returned. Otherwise, LINES_OUT is set to the desired text. The
       returned text may include ANSI terminal escapes. */

>
> gdb/ChangeLog
> 2019-03-08 Tom Tromey <tromey@adacore.com>
>
> * source-cache.c (source_cache::extract_lines): Handle case where
> first_pos==npos.
> ---
> gdb/ChangeLog | 5 +++++
> gdb/source-cache.c | 2 ++
> 2 files changed, 7 insertions(+)
>
> diff --git a/gdb/source-cache.c b/gdb/source-cache.c > index 27a0ade959c..b5d0d6cb7fc 100644 > --- a/gdb/source-cache.c > +++ b/gdb/source-cache.c > @@ -98,6 +98,8 @@ source_cache::extract_lines (const struct source_text &text, int first_line, > { > if (pos == std::string::npos) > pos = text.contents.size (); > + if (first_pos == std::string::npos) > + first_pos = text.contents.size (); > *lines = text.contents.substr (first_pos, pos - first_pos); > return true; > } >

Thanks,
Pedro Alves
>>>>> "Pedro" == Pedro Alves <palves@redhat.com> writes:
Pedro> Can you clarify how can first_pos end up as npos? Is that a bug in the
Pedro> caller, or is it normal? The documentation doesn't seem to allow for that:
Pedro> /* Get the source text for the source file in symtab S. FIRST_LINE
Pedro> and LAST_LINE are the first and last lines to return; line
Pedro> numbers are 1-based. If the file cannot be read, false is
Pedro> returned. Otherwise, LINES_OUT is set to the desired text. The
Pedro> returned text may include ANSI terminal escapes. */
I think you're just confusing first_pos and first_line here.
first_pos is a local variable that's used to track the position where
the first line starts:
    std::string::size_type first_pos = std::string::npos;
    [...]
    if (lineno == first_line)
      first_pos = pos;
It can still be npos if first_line is greater than the number of lines
in the file.
Tom
On 03/13/2019 05:20 PM, Tom Tromey wrote:
>>>>>> "Pedro" == Pedro Alves <palves@redhat.com> writes:
>
> Pedro> Can you clarify how can first_pos end up as npos? Is that a bug in the
> Pedro> caller, or is it normal? The documentation doesn't seem to allow for that:
>
> Pedro> /* Get the source text for the source file in symtab S. FIRST_LINE
> Pedro> and LAST_LINE are the first and last lines to return; line
> Pedro> numbers are 1-based. If the file cannot be read, false is
> Pedro> returned. Otherwise, LINES_OUT is set to the desired text. The
> Pedro> returned text may include ANSI terminal escapes. */
>
> I think you're just confusing first_pos and first_line here.
> first_pos is a local variable that's used to track the position where
> the first line starts:
>
>     std::string::size_type first_pos = std::string::npos;
>     [...]
>     if (lineno == first_line)
>       first_pos = pos;
>
> It can still be npos if first_line is greater than the number of lines
> in the file.

Oh, I see now, now that I actually look at the code, rather than
just the patch. Sorry about that.

And now that I look, I admit it took me a bit to grok the function,
but I got it.

IIUC, the function can never really return false, right? Since
get_source_lines already validates input. If you made extract_lines
return std::string instead of using an output parameter, then you
could conveniently write:

    if (first_pos == std::string::npos)
      return {};

for this case, which might be a little clearer than the
resulting "npos - npos" with your patch.

Anyhow, not that important. Patch LGTM.

Thanks,
Pedro Alves
>>>>> "Pedro" == Pedro Alves <palves@redhat.com> writes:
Pedro> IIUC, the function can never really return false, right? Since
Pedro> get_source_lines already validates input. If you made extract_lines
Pedro> return std::string instead of using an output parameter,
I went ahead and made this change.
Tom
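The failure mode Tom describes and the early-return shape Pedro suggests, as an added example that is not part of the thread or of GDB's source. The names `find_range`, `extract_lines_unchecked`, `extract_lines_checked` and `unchecked_throws` are hypothetical, and the line scan is a simplified reconstruction of the pattern, not the function under review.

```cpp
#include <stdexcept>
#include <string>

// Hypothetical stand-in for the scan described in the thread (not GDB's code):
// walk the buffer line by line and remember where FIRST_LINE (1-based) starts.
// Returns false when FIRST_LINE is past the last line, i.e. first_pos == npos.
static bool find_range (const std::string &contents, int first_line,
                        int last_line, std::string::size_type &first_pos,
                        std::string::size_type &end_pos)
{
  first_pos = std::string::npos;
  std::string::size_type pos = 0;
  for (int lineno = 1; pos < contents.size () && lineno <= last_line; ++lineno)
    {
      if (lineno == first_line)
        first_pos = pos;
      std::string::size_type nl = contents.find ('\n', pos);
      pos = (nl == std::string::npos) ? contents.size () : nl + 1;
    }
  end_pos = pos;
  return first_pos != std::string::npos;
}

// Unguarded form: first_pos is used as-is, so an out-of-range FIRST_LINE
// hands npos to substr, which throws std::out_of_range (pos > size ()).
std::string extract_lines_unchecked (const std::string &contents,
                                     int first_line, int last_line)
{
  std::string::size_type first_pos, end_pos;
  find_range (contents, first_line, last_line, first_pos, end_pos);
  return contents.substr (first_pos, end_pos - first_pos);
}

// Form suggested in review: return the text and bail out early on npos.
std::string extract_lines_checked (const std::string &contents,
                                   int first_line, int last_line)
{
  std::string::size_type first_pos, end_pos;
  if (!find_range (contents, first_line, last_line, first_pos, end_pos))
    return {};
  return contents.substr (first_pos, end_pos - first_pos);
}

// True when the unguarded form throws for this request.
bool unchecked_throws (const std::string &contents, int first_line, int last_line)
{
  try { extract_lines_unchecked (contents, first_line, last_line); }
  catch (const std::out_of_range &) { return true; }
  return false;
}
```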
diff --git a/gdb/source-cache.c b/gdb/source-cache.c index 27a0ade959c..b5d0d6cb7fc 100644 --- a/gdb/source-cache.c +++ b/gdb/source-cache.c @@ -98,6 +98,8 @@ source_cache::extract_lines (const struct source_text &text, int first_line, { if (pos == std::string::npos) pos = text.contents.size (); + if (first_pos == std::string::npos) + first_pos = text.contents.size (); *lines = text.contents.substr (first_pos, pos - first_pos); return true; }
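Review bot: at the new `if (first_pos == std::string::npos)` clamp, the out-of-range case is handled only implicitly, and the function still reaches `return true` with whatever `substr` produces. The result depends on `pos - first_pos` being a harmless length once `first_pos` has been set to `text.contents.size ()`; that subtraction is unsigned, so if `pos` is ever below the clamped `first_pos` the length wraps, and it is only `substr` limiting the count to the remaining characters that keeps the output empty. A short comment stating that a first line past the end of the buffer yields empty text, or an explicit early exit before the `substr` call, would make the intent visible. A test that requests a line beyond the end of a file would also pin the fix down.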