From patchwork Mon Feb 19 14:19:55 2024
X-Patchwork-Submitter: Kirill Radkin
X-Patchwork-Id: 85990
From: Kirill Radkin
CC: Kirill Radkin
Subject: [PATCH v2] gdbserver: Fix overflow detection in gdbserver
Date: Mon, 19 Feb 2024 17:19:55 +0300
Message-ID: <20240219141955.34929-1-kirill.radkin@syntacore.com>
In-Reply-To: <87plx79bdm.fsf@tromey.com>
References: <87plx79bdm.fsf@tromey.com>

> I don't understand this early return.
> If using an unsigned type here is intended to be invalid, then I think
> that should be enforced at compile time.

Early return removed.

> However, it seems pretty simple to handle unsigned here as well.

Added.

Currently gdbserver uses the require_int() function to parse the requested
offset (in the vFile::pread packet and the like). This function allows
integers up to 0x7fffffff (to fit in a 32-bit int); however, the offset (for
the pread system call) has type off_t, which can be larger than 32 bits.
This patch allows the require_int() function to parse offsets up to the
maximum value implied by the off_t type.
--- gdb/testsuite/gdb.server/pread-offset-size.S | 23 +++++++++ .../gdb.server/pread-offset-size.exp | 50 +++++++++++++++++++ gdbserver/hostio.cc | 17 +++++-- 3 files changed, 86 insertions(+), 4 deletions(-) create mode 100644 gdb/testsuite/gdb.server/pread-offset-size.S create mode 100644 gdb/testsuite/gdb.server/pread-offset-size.exp diff --git a/gdb/testsuite/gdb.server/pread-offset-size.S b/gdb/testsuite/gdb.server/pread-offset-size.S new file mode 100644 index 00000000000..b07058e5550 --- /dev/null +++ b/gdb/testsuite/gdb.server/pread-offset-size.S @@ -0,0 +1,23 @@ +/* This testcase is part of GDB, the GNU debugger. + + Copyright 2023 Free Software Foundation, Inc. + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see . */ + + .text + .globl _start +_start: + .skip 3742415472 + .globl f +f: diff --git a/gdb/testsuite/gdb.server/pread-offset-size.exp b/gdb/testsuite/gdb.server/pread-offset-size.exp new file mode 100644 index 00000000000..221491bfa04 --- /dev/null +++ b/gdb/testsuite/gdb.server/pread-offset-size.exp 
@@ -0,0 +1,50 @@ +# Copyright (C) 2023 Free Software Foundation, Inc. +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 3 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see . +# +# Test sending of large binary files (>2 GB) from gdbserver +# (it was unavailable earlier) + +load_lib gdbserver-support.exp + +if {![allow_gdbserver_tests]} { + return +} + +standard_testfile .S + +if { [prepare_for_testing ${testfile}.exp $testfile \ + $srcfile {debug additional_flags=-nostdlib} ] } { + return -1 +} + +gdb_exit +gdb_start + +gdb_test_no_output "set remote exec-file $binfile" \ +"set remote exec-file" + +# Make sure we're disconnected, in case we're testing with an +# extended-remote board, therefore already connected. +gdb_test "disconnect" ".*" + +set res [gdbserver_spawn ""] +set gdbserver_protocol [lindex $res 0] +set gdbserver_gdbport [lindex $res 1] + +gdb_test "target $gdbserver_protocol $gdbserver_gdbport" \ +"Remote debugging using .*" \ +"target $gdbserver_protocol $gdbserver_gdbport" + +gdb_test "break f" "Breakpoint 1.*" diff --git a/gdbserver/hostio.cc b/gdbserver/hostio.cc index ea70c26da0f..fcee553c5a3 100644 --- a/gdbserver/hostio.cc +++ b/gdbserver/hostio.cc 
@@ -90,12 +90,18 @@ require_filename (char **pp, char *filename) return 0; } +template static int -require_int (char **pp, int *value) +require_int (char **pp, T *value) { + constexpr bool is_signed = std::is_signed::value; + char *p; int count, firstdigit; + /* Max count of hexadecimal digits in off_t (1 hex digit is 4 bits) */ + int max_count = sizeof(T) * CHAR_BIT / 4; + p = *pp; *value = 0; count = 0; @@ -112,7 +118,8 @@ require_int (char **pp, int *value) firstdigit = nib; /* Don't allow overflow. */ - if (count >= 8 || (count == 7 && firstdigit >= 0x8)) + if (count >= max_count || (is_signed && count == (max_count - 1) + && firstdigit >= 0x8)) return -1; *value = *value * 16 + nib; @@ -344,7 +351,8 @@ handle_open (char *own_buf) static void handle_pread (char *own_buf, int *new_packet_len) { - int fd, ret, len, offset, bytes_sent; + int fd, ret, len, bytes_sent; + off_t offset; char *p, *data; static int max_reply_size = -1; @@ -411,7 +419,8 @@ handle_pread (char *own_buf, int *new_packet_len) static void handle_pwrite (char *own_buf, int packet_len) { - int fd, ret, len, offset; + int fd, ret, len; + off_t offset; char *p, *data; p = own_buf + strlen ("vFile:pwrite:");
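Review bot: in the new gdb/testsuite/gdb.server/pread-offset-size.S the copyright line says 2023 although the patch is dated February 2024; please update it. The `.skip 3742415472` directive pads `.text` with roughly 3.5 GB of zeros, so building the test writes a binary of that size; a one-line comment above it stating that the size is chosen so that `f` lands past the 0x7fffffff offset the old `require_int` could not express would tell the next reader why such a large value is needed, and `_start` followed directly by the skip should probably also carry a note that the program is never meant to be run.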
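Review bot: the .exp file ends at `gdb_test "break f" "Breakpoint 1.*"` and nothing in it explains why placing a breakpoint on `f` exercises `vFile::pread` with a large offset; a comment tying the check to the symbol sitting beyond 2 GB in the remote exec-file would make the test self-explaining. The header comment says "(>2 GB)" while the .S skips 3742415472 bytes (about 3.5 GB); quoting the actual figure keeps the two in sync. Since the commit message says the parser is bounded by the width of `off_t`, a host whose `off_t` is 32 bits cannot pass this test, so it needs either a skip for that case or an explicit expectation. The copyright year 2023 should be 2024 here as well.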
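Review bot: in the `require_int` hunk the comment `Max count of hexadecimal digits in off_t` is no longer accurate once the function is a template, since the count is for `T`; per GDB style it should also end with a period followed by two spaces, and `sizeof(T)` should be written `sizeof (T)`. `std::is_signed` and `CHAR_BIT` come from `<type_traits>` and `<climits>`, and the hunk does not add either include, so please confirm they are already reachable from hostio.cc. The generalized rule `count >= max_count || (is_signed && count == (max_count - 1) && firstdigit >= 0x8)` reproduces the old `count == 7 && firstdigit >= 0x8` check for a 32-bit signed `T` and is correct for two's-complement types, but it means a host where `off_t` is only 32 bits keeps the previous 0x7fffffff ceiling; the commit message could say so.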
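Review bot: changing `offset` to `off_t` in `handle_pread` changes the `T` deduced at the `require_int (&p, &offset)` call, which is the point of the patch, but the hunk shows only the declaration; please double-check the remaining uses of `offset` in that function, since any arithmetic or comparison mixing it with the `int` variables `len` and `bytes_sent` now involves a wider type and any diagnostic that formatted it as an `int` will need updating.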
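Review bot: `handle_pwrite` receives the same `off_t offset` widening as `handle_pread`, but the new test only covers `vFile:pread`; either a matching pwrite case or a sentence in the commit message explaining why pwrite is left untested would round this out.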
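The digit-counting bound that the `require_int` hunk introduces is easy to get off by one, so here is an added, stand-alone C++ re-implementation of the same check (this is not gdbserver's code; the names `parse_hex_bounded` and `parse_or_fail` and the sample offsets are mine), instantiated for `int32_t`, `uint32_t` and `int64_t` so the accepted and rejected boundary values can be seen side by side: a signed `T` rejects a full-width number whose leading digit is 8 or above, an unsigned `T` accepts it, and a 9-digit offset is only representable by the 64-bit instantiation. Leading zeros are skipped without being counted, and the wrapper additionally rejects trailing junk.

```cpp
#include <climits>
#include <cstdint>
#include <cstdio>
#include <type_traits>

/* Parse the run of hexadecimal digits at *pp into *value, rejecting any
   value that does not fit in T.  Returns 0 on success with *pp advanced
   past the last digit; returns -1 on overflow or when no digit is present.
   Leading zeros are consumed but not counted, so "0000ff" is accepted.
   Added, stand-alone re-implementation of the digit-counting bound used
   by gdbserver's require_int; it is not the project's code.  */
template <typename T>
int
parse_hex_bounded (const char **pp, T *value)
{
  static_assert (std::is_integral<T>::value, "T must be an integer type");
  constexpr bool is_signed = std::is_signed<T>::value;
  /* One hex digit carries four bits, so this many significant digits
     fill T completely.  */
  constexpr int max_count = static_cast<int> (sizeof (T) * CHAR_BIT / 4);

  const char *p = *pp;
  int count = 0;       /* significant digits accepted so far */
  int firstdigit = 0;  /* value of the first significant digit */
  *value = 0;

  for (;; p++)
    {
      int nib;
      if (*p >= '0' && *p <= '9')
        nib = *p - '0';
      else if (*p >= 'a' && *p <= 'f')
        nib = *p - 'a' + 10;
      else if (*p >= 'A' && *p <= 'F')
        nib = *p - 'A' + 10;
      else
        break;

      if (count == 0 && nib == 0)
        continue;          /* leading zero: consume, do not count */
      if (count == 0)
        firstdigit = nib;

      /* Overflow if T is already full, or if this digit completes a
         full-width number whose top bit would become the sign bit.  */
      if (count >= max_count
          || (is_signed && count == max_count - 1 && firstdigit >= 0x8))
        return -1;

      *value = *value * 16 + nib;
      count++;
    }

  if (p == *pp)
    return -1;             /* not a single digit */
  *pp = p;
  return 0;
}

/* Parse all of S as a T and return it widened to long long, or -1 when it
   does not fit or is followed by trailing junk.  Parsed values are never
   negative, so -1 is an unambiguous failure marker.  */
template <typename T>
long long
parse_or_fail (const char *s)
{
  const char *p = s;
  T v;
  if (parse_hex_bounded (&p, &v) != 0 || *p != '\0')
    return -1;
  return static_cast<long long> (v);
}

int
main ()
{
  /* Constructed samples: the 32-bit signed ceiling, one past it, a
     9-digit offset only a 64-bit type holds, and the 64-bit boundary.  */
  const char *samples[] = { "7fffffff", "80000000", "dfffffff0",
                            "7fffffffffffffff", "8000000000000000" };
  for (const char *s : samples)
    std::printf ("%-18s int32:%12lld  uint32:%12lld  int64:%20lld\n", s,
                 parse_or_fail<int32_t> (s), parse_or_fail<uint32_t> (s),
                 parse_or_fail<int64_t> (s));
  return 0;
}
```

Running it prints one row per sample with -1 wherever the instantiation rejects the input; the `80000000` row is the one that separates the signed and unsigned behaviour the reviewer asked about, and the `dfffffff0` row is the case the patch exists for.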