From patchwork Fri Jul 27 21:03:18 2018
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Pedro Franco de Carvalho <pedromfc@linux.ibm.com>
X-Patchwork-Id: 28662
Received: (qmail 117640 invoked by alias); 27 Jul 2018 21:03:51 -0000
Mailing-List: contact gdb-patches-help@sourceware.org; run by ezmlm
Precedence: bulk
List-Id: <gdb-patches.sourceware.org>
List-Unsubscribe: <mailto:gdb-patches-unsubscribe-##L=##H@sourceware.org>
List-Subscribe: <mailto:gdb-patches-subscribe@sourceware.org>
List-Archive: <http://sourceware.org/ml/gdb-patches/>
List-Post: <mailto:gdb-patches@sourceware.org>
List-Help: <mailto:gdb-patches-help@sourceware.org>,
	<http://sourceware.org/ml/#faqs>
Sender: gdb-patches-owner@sourceware.org
Delivered-To: mailing list gdb-patches@sourceware.org
Received: (qmail 117466 invoked by uid 89); 27 Jul 2018 21:03:50 -0000
Authentication-Results: sourceware.org; auth=none
X-Spam-SWARE-Status: No, score=-27.2 required=5.0 tests=AWL, BAYES_00,
	GIT_PATCH_0, GIT_PATCH_1, GIT_PATCH_2, GIT_PATCH_3,
	RCVD_IN_DNSWL_LOW,
	SPF_PASS autolearn=ham version=3.3.2 spammy=1647, hopes
X-HELO: mx0a-001b2d01.pphosted.com
Received: from mx0b-001b2d01.pphosted.com (HELO mx0a-001b2d01.pphosted.com)
	(148.163.158.5) by sourceware.org
	(qpsmtpd/0.93/v0.84-503-g423c35a) with ESMTP;
	Fri, 27 Jul 2018 21:03:47 +0000
Received: from pps.filterd (m0098421.ppops.net [127.0.0.1])	by
	mx0a-001b2d01.pphosted.com (8.16.0.22/8.16.0.22) with SMTP id
	w6RKsMsk082659	for <gdb-patches@sourceware.org>;
	Fri, 27 Jul 2018 17:03:45 -0400
Received: from e32.co.us.ibm.com (e32.co.us.ibm.com [32.97.110.150])	by
	mx0a-001b2d01.pphosted.com with ESMTP id
	2kg85re0ks-1	(version=TLSv1.2 cipher=AES256-GCM-SHA384
	bits=256 verify=NOT)	for <gdb-patches@sourceware.org>;
	Fri, 27 Jul 2018 17:03:45 -0400
Received: from localhost	by e32.co.us.ibm.com with IBM ESMTP SMTP Gateway:
	Authorized Use Only! Violators will be prosecuted	for
	<gdb-patches@sourceware.org> from <pedromfc@linux.ibm.com>;
	Fri, 27 Jul 2018 15:03:44 -0600
Received: from b03cxnp08026.gho.boulder.ibm.com (9.17.130.18)	by
	e32.co.us.ibm.com (192.168.1.132) with IBM ESMTP SMTP
	Gateway: Authorized Use Only! Violators will be prosecuted;
	(version=TLSv1/SSLv3 cipher=AES256-GCM-SHA384 bits=256/256)	Fri, 27
	Jul 2018 15:03:44 -0600
Received: from b03ledav005.gho.boulder.ibm.com
	(b03ledav005.gho.boulder.ibm.com [9.17.130.236])	by
	b03cxnp08026.gho.boulder.ibm.com (8.14.9/8.14.9/NCO v10.0)
	with ESMTP id w6RL3fpa3604796	(version=TLSv1/SSLv3
	cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=FAIL);
	Fri, 27 Jul 2018 14:03:41 -0700
Received: from b03ledav005.gho.boulder.ibm.com (unknown [127.0.0.1])	by
	IMSVA (Postfix) with ESMTP id 58072BE054;
	Fri, 27 Jul 2018 15:03:41 -0600 (MDT)
Received: from b03ledav005.gho.boulder.ibm.com (unknown [127.0.0.1])	by
	IMSVA (Postfix) with ESMTP id F36C0BE05D;
	Fri, 27 Jul 2018 15:03:40 -0600 (MDT)
Received: from pedro.localdomain (unknown [9.85.199.57])	by
	b03ledav005.gho.boulder.ibm.com (Postfix) with ESMTP;
	Fri, 27 Jul 2018 15:03:40 -0600 (MDT)
Received: by pedro.localdomain (Postfix, from userid 1000)	id D246D3C04DB;
	Fri, 27 Jul 2018 18:03:35 -0300 (-03)
From: Pedro Franco de Carvalho <pedromfc@linux.ibm.com>
To: gdb-patches@sourceware.org
Cc: uweigand@de.ibm.com
Subject: [PATCH v2 6/6] Allow larger regblock sizes when saving tracefiles
Date: Fri, 27 Jul 2018 18:03:18 -0300
In-Reply-To: <20180727210318.2960-1-pedromfc@linux.ibm.com>
References: <20180727210318.2960-1-pedromfc@linux.ibm.com>
x-cbid: 18072721-0004-0000-0000-00001469B789
X-IBM-SpamModules-Scores: 
X-IBM-SpamModules-Versions: BY=3.00009440; HX=3.00000241; KW=3.00000007;
	PH=3.00000004; SC=3.00000266; SDB=6.01067028; UDB=6.00548259;
	IPR=6.00844894; MB=3.00022359; MTD=3.00000008; XFM=3.00000015;
	UTC=2018-07-27 21:03:44
X-IBM-AV-DETECTION: SAVI=unused REMOTE=unused XFE=unused
x-cbparentid: 18072721-0005-0000-0000-0000883D362E
Message-Id: <20180727210318.2960-7-pedromfc@linux.ibm.com>

The tracefile.c:trace_save function assumes trace_regblock_size won't
be larger than the MAX_TRACE_UPLOAD constant, used to size the buffer
which holds trace data.  This can cause buffer overruns when this is
not the case.  This patch changes this function so that the larger
size is used to size the buffer.

gdb/ChangeLog:
YYYY-MM-DD  Pedro Franco de Carvalho  <pedromfc@linux.ibm.com>

	* tracepoint.c: Include common/byte-vector.h.
	(trace_save): Change type of buf to gdb::byte_vector.  Initialize
	with trace_regblock_size if needed.  Update uses of buf.
---
 gdb/tracefile.c | 42 +++++++++++++++++++++++-------------------
 1 file changed, 23 insertions(+), 19 deletions(-)

diff --git a/gdb/tracefile.c b/gdb/tracefile.c
index ecd2f5c678..b367f6e403 100644
--- a/gdb/tracefile.c
+++ b/gdb/tracefile.c
@@ -22,6 +22,7 @@
 #include "ctf.h"
 #include "exec.h"
 #include "regcache.h"
+#include "common/byte-vector.h"
 
 /* Helper macros.  */
 
@@ -67,7 +68,7 @@ trace_save (const char *filename, struct trace_file_writer *writer,
 
   ULONGEST offset = 0;
 #define MAX_TRACE_UPLOAD 2000
-  gdb_byte buf[MAX_TRACE_UPLOAD];
+  gdb::byte_vector buf (std::max (MAX_TRACE_UPLOAD, trace_regblock_size));
   enum bfd_endian byte_order = gdbarch_byte_order (target_gdbarch ());
 
   /* If the target is to save the data to a file on its own, then just
@@ -144,7 +145,7 @@ trace_save (const char *filename, struct trace_file_writer *writer,
 	  /* We ask for big blocks, in the hopes of efficiency, but
 	     will take less if the target has packet size limitations
 	     or some such.  */
-	  gotten = target_get_raw_trace_data (buf, offset,
+	  gotten = target_get_raw_trace_data (buf.data (), offset,
 					      MAX_TRACE_UPLOAD);
 	  if (gotten < 0)
 	    error (_("Failure to get requested trace buffer data"));
@@ -152,7 +153,7 @@ trace_save (const char *filename, struct trace_file_writer *writer,
 	  if (gotten == 0)
 	    break;
 
-	  writer->ops->write_trace_buffer (writer, buf, gotten);
+	  writer->ops->write_trace_buffer (writer, buf.data (), gotten);
 
 	  offset += gotten;
 	}
@@ -163,7 +164,7 @@ trace_save (const char *filename, struct trace_file_writer *writer,
 	  /* Parse the trace buffers according to how data are stored
 	     in trace buffer in GDBserver.  */
 
-	  gotten = target_get_raw_trace_data (buf, offset, 6);
+	  gotten = target_get_raw_trace_data (buf.data (), offset, 6);
 
 	  if (gotten == 0)
 	    break;
@@ -171,10 +172,10 @@ trace_save (const char *filename, struct trace_file_writer *writer,
 	  /* Read the first six bytes in, which is the tracepoint
 	     number and trace frame size.  */
 	  tp_num = (uint16_t)
-	    extract_unsigned_integer (&buf[0], 2, byte_order);
+	    extract_unsigned_integer (&((buf.data ())[0]), 2, byte_order);
 
 	  tf_size = (uint32_t)
-	    extract_unsigned_integer (&buf[2], 4, byte_order);
+	    extract_unsigned_integer (&((buf.data ())[2]), 4, byte_order);
 
 	  writer->ops->frame_ops->start (writer, tp_num);
 	  gotten = 6;
@@ -192,7 +193,8 @@ trace_save (const char *filename, struct trace_file_writer *writer,
 		  /* We'll fetch one block each time, in order to
 		     handle the extremely large 'M' block.  We first
 		     fetch one byte to get the type of the block.  */
-		  gotten = target_get_raw_trace_data (buf, offset, 1);
+		  gotten = target_get_raw_trace_data (buf.data (),
+						      offset, 1);
 		  if (gotten < 1)
 		    error (_("Failure to get requested trace buffer data"));
 
@@ -205,13 +207,13 @@ trace_save (const char *filename, struct trace_file_writer *writer,
 		    {
 		    case 'R':
 		      gotten
-			= target_get_raw_trace_data (buf, offset,
+			= target_get_raw_trace_data (buf.data (), offset,
 						     trace_regblock_size);
 		      if (gotten < trace_regblock_size)
 			error (_("Failure to get requested trace"
 				 " buffer data"));
 
-		      TRACE_WRITE_R_BLOCK (writer, buf,
+		      TRACE_WRITE_R_BLOCK (writer, buf.data (),
 					   trace_regblock_size);
 		      break;
 		    case 'M':
@@ -221,7 +223,8 @@ trace_save (const char *filename, struct trace_file_writer *writer,
 			LONGEST t;
 			int j;
 
-			t = target_get_raw_trace_data (buf,offset, 10);
+			t = target_get_raw_trace_data (buf.data (),
+						       offset, 10);
 			if (t < 10)
 			  error (_("Failure to get requested trace"
 				   " buffer data"));
@@ -231,10 +234,10 @@ trace_save (const char *filename, struct trace_file_writer *writer,
 
 			gotten = 0;
 			addr = (ULONGEST)
-			  extract_unsigned_integer (buf, 8,
+			  extract_unsigned_integer (buf.data (), 8,
 						    byte_order);
 			mlen = (unsigned short)
-			  extract_unsigned_integer (&buf[8], 2,
+			  extract_unsigned_integer (&((buf.data ())[8]), 2,
 						    byte_order);
 
 			TRACE_WRITE_M_BLOCK_HEADER (writer, addr,
@@ -252,14 +255,15 @@ trace_save (const char *filename, struct trace_file_writer *writer,
 			    else
 			      read_length = mlen - j;
 
-			    t = target_get_raw_trace_data (buf,
+			    t = target_get_raw_trace_data (buf.data (),
 							   offset + j,
 							   read_length);
 			    if (t < read_length)
 			      error (_("Failure to get requested"
 				       " trace buffer data"));
 
-			    TRACE_WRITE_M_BLOCK_MEMORY (writer, buf,
+			    TRACE_WRITE_M_BLOCK_MEMORY (writer,
+							buf.data (),
 							read_length);
 
 			    j += read_length;
@@ -274,18 +278,18 @@ trace_save (const char *filename, struct trace_file_writer *writer,
 			LONGEST val;
 
 			gotten
-			  = target_get_raw_trace_data (buf, offset,
-						       12);
+			  = target_get_raw_trace_data (buf.data (),
+						       offset, 12);
 			if (gotten < 12)
 			  error (_("Failure to get requested"
 				   " trace buffer data"));
 
-			vnum  = (int) extract_signed_integer (buf,
+			vnum  = (int) extract_signed_integer (buf.data (),
 							      4,
 							      byte_order);
 			val
-			  = extract_signed_integer (&buf[4], 8,
-						    byte_order);
+			  = extract_signed_integer (&((buf.data ())[4]),
+						    8, byte_order);
 
 			TRACE_WRITE_V_BLOCK (writer, vnum, val);
 		      }