From patchwork Wed Jan 28 20:58:57 2015
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Doug Evans <dje@google.com>
X-Patchwork-Id: 4838
Received: (qmail 6745 invoked by alias); 28 Jan 2015 20:59:06 -0000
Mailing-List: contact gdb-patches-help@sourceware.org; run by ezmlm
Precedence: bulk
List-Id: <gdb-patches.sourceware.org>
List-Unsubscribe: <mailto:gdb-patches-unsubscribe-##L=##H@sourceware.org>
List-Subscribe: <mailto:gdb-patches-subscribe@sourceware.org>
List-Archive: <http://sourceware.org/ml/gdb-patches/>
List-Post: <mailto:gdb-patches@sourceware.org>
List-Help: <mailto:gdb-patches-help@sourceware.org>,
	<http://sourceware.org/ml/#faqs>
Sender: gdb-patches-owner@sourceware.org
Delivered-To: mailing list gdb-patches@sourceware.org
Received: (qmail 5647 invoked by uid 89); 28 Jan 2015 20:59:05 -0000
Authentication-Results: sourceware.org; auth=none
X-Spam-SWARE-Status: No, score=-2.7 required=5.0 tests=AWL, BAYES_00,
	RCVD_IN_DNSWL_LOW, SPF_PASS,
	T_RP_MATCHES_RCVD autolearn=ham version=3.3.2
X-HELO: mail-pa0-f73.google.com
Received: from mail-pa0-f73.google.com (HELO mail-pa0-f73.google.com)
	(209.85.220.73) by sourceware.org
	(qpsmtpd/0.93/v0.84-503-g423c35a) with (AES128-SHA encrypted)
	ESMTPS; Wed, 28 Jan 2015 20:59:00 +0000
Received: by mail-pa0-f73.google.com with SMTP id lj1so4700129pab.0 for
	<gdb-patches@sourceware.org>; Wed, 28 Jan 2015 12:58:59 -0800 (PST)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net;
	s=20130820;
	h=x-gm-message-state:from:to:subject:cc:date:message-id:mime-version
	:content-type; bh=ipEg2VVOjFf7IhzEFCqk7vXuqjyAIqCZqPCnNp9som8=;
	b=gjNCinDsQfmm3ONSi1e5mdbki/vTC2TM7z2L52vQMW1f94iV5VV0zZrR6w0nWXOt7D
	zy4u86RdGbVroMqGHOVVt93vStz9NJ9VYwTXmUNneUrxJHKV21R/Y+kbm4kW8qWl5zzJ
	5GG5s5jW8SNJoxFIwMXoOmcAIlTFP8B6dIkDnORaTTpqWnA8BWNYPgfPnM0eCIYzIw5A
	t6vEfS8gJXANok8O1aaAqFxdZevanc0TybyC9gG9o4hTXDUnrUTOTxKrmbpFqdrzCyuC
	1YSkaCXRnOQLqRYdwdZZpS9bkLCoh1eUeAqGGlI+E0oXih+9bmgD1Zqe0ILNZAAixGwK
	995g==
X-Gm-Message-State: 
 ALoCoQnFX8ucyZN+qTELq+Y5Y4PCEtO6JUFYUkglb29DvYtxLHuIZvPxRu14mIVsP80sCujXWQGu
X-Received: by 10.68.190.232 with SMTP id gt8mr4500346pbc.3.1422478739084;
	Wed, 28 Jan 2015 12:58:59 -0800 (PST)
Received: from corpmail-nozzle1-1.hot.corp.google.com ([100.108.1.104]) by
	gmr-mx.google.com with ESMTPS id
	b3si824390qco.0.2015.01.28.12.58.58 (version=TLSv1.2
	cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
	Wed, 28 Jan 2015 12:58:59 -0800 (PST)
Received: from ruffy.mtv.corp.google.com ([172.17.128.44])	by
	corpmail-nozzle1-1.hot.corp.google.com with ESMTPS id
	84PAGQa0.1; Wed, 28 Jan 2015 12:58:58 -0800
From: Doug Evans <dje@google.com>
To: gdb-patches@sourceware.org, brobecker@adacore.com
Subject: [PATCH] [PR symtab/17890] punt if dwarf line header version > 4
cc: ccoutant@google.com
Date: Wed, 28 Jan 2015 12:58:57 -0800
Message-ID: <yjt2r3uek4fi.fsf@ruffy.mtv.corp.google.com>
MIME-Version: 1.0
X-IsSubscribed: yes

Hi.

This patch is to stop gdb from trying to read a dwarf line header
that it doesn't understand.
If the version has changed the header fields may be in different
places and gdb could be reading gibberish.
E.g, the new version 5 header or the Two Level Linetable header.

Now what will happen is that gdb will just ignore the line table.
The user won't get line numbers but we can't help that.
At least gdb won't crash (or go into an infinite loop - pr 17891).

I plan to check this into the main tree and the 7.9 branch.
Regression tested on amd64-linux, and with a toolchain that
generates an unsupported line header.

Note: I could have made the test similar to binutils/dwarf.c:

  if (linfo->li_version != 2
      && linfo->li_version != 3
      && linfo->li_version != 4)

I opted to be conservative and not break something if a user
just happened to be using a broken toolchain that emits
version 0 or 1 but is still usable by gdb.
I'm more than happy to be more strict though!

2015-01-28  Doug Evans  <dje@google.com>

	PR symtab/17890
	* dwarf2read.c (dwarf_decode_line_header): Punt if version > 4.

diff --git a/gdb/dwarf2read.c b/gdb/dwarf2read.c
index 715b090..cd24d5e 100644
--- a/gdb/dwarf2read.c
+++ b/gdb/dwarf2read.c
@@ -17123,6 +17123,8 @@ get_debug_line_section (struct dwarf2_cu *cu)
 /* Read the statement program header starting at OFFSET in
    .debug_line, or .debug_line.dwo.  Return a pointer
    to a struct line_header, allocated using xmalloc.
+   Returns NULL if there is a problem reading the header, e.g., if it
+   has a version we don't understand.
 
    NOTE: the strings in the include directory and file name tables of
    the returned object point into the dwarf line section buffer,
@@ -17187,6 +17189,14 @@ dwarf_decode_line_header (unsigned int offset, struct dwarf2_cu *cu)
   lh->statement_program_end = line_ptr + lh->total_length;
   lh->version = read_2_bytes (abfd, line_ptr);
   line_ptr += 2;
+  if (lh->version > 4)
+    {
+      /* This is a version we don't understand.  The format could have
+	 changed in ways we don't handle properly so just punt.  */
+      complaint (&symfile_complaints,
+		 _("unsupported version in .debug_line section"));
+      return NULL;
+    }
   lh->header_length = read_offset_1 (abfd, line_ptr, offset_size);
   line_ptr += offset_size;
   lh->minimum_instruction_length = read_1_byte (abfd, line_ptr);