From patchwork Tue Jan 1 15:01:51 2019
X-Patchwork-Submitter: Philippe Waroquiers
X-Patchwork-Id: 30926
From: Philippe Waroquiers
To: gdb-patches@sourceware.org
Cc: Philippe Waroquiers
Subject: [RFA] Fix 'Invalid read of size 4' in search_command_helper
Date: Tue, 1 Jan 2019 16:01:51 +0100
Message-Id: <20190101150151.3177-1-philippe.waroquiers@skynet.be>
MIME-Version: 1.0
X-IsSubscribed: yes

Valgrind detects the below error in gdb.base/list.exp.

==14763== Invalid read of size 4
==14763==    at 0x60B584: search_command_helper(char const*, int, bool) [clone .constprop.91] (source.c:1601)
==14763==    by 0x408888: cmd_func(cmd_list_element*, char const*, int) (cli-decode.c:1892)
==14763==    by 0x668550: execute_command(char const*, int) (top.c:630)
==14763==    by 0x4B2F7B: command_handler(char const*) (event-top.c:583)
==14763==    by 0x4B326C: command_line_handler(std::unique_ptr >&&) (event-top.c:772)
...
==14763==  Address 0x6d9f09c is 4 bytes before a block of size 156 alloc'd
==14763==    at 0x4C2E2B3: realloc (vg_replace_malloc.c:836)
==14763==    by 0x41904C: xrealloc (common-utils.c:62)
==14763==    by 0x60A300: find_source_lines(symtab*, int) (source.c:1203)
==14763==    by 0x608219: source_cache::get_plain_source_lines(symtab*, int, int, std::__cxx11::basic_string, std::allocator >*) (source-cache.c:51)
==14763==    by 0x60A46B: print_source_lines_base(symtab*, int, int, enum_flags) (source.c:1350)
==14763==    by 0x404E2D: list_command(char const*, int) (cli-cmds.c:1080)
....

Add the missing condition to end the loop once line 1 has been
reversed-searched.

gdb/ChangeLog
2019-01-01  Philippe Waroquiers

	* source.c (search_command_helper): Stop reverse search when
	line 1 has been searched.

--- gdb/source.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/gdb/source.c b/gdb/source.c index 5c300db3ad..ad6c6466b4 100644 --- a/gdb/source.c +++ b/gdb/source.c @@ -1598,6 +1598,8 @@ search_command_helper (const char *regex, int from_tty, bool forward) else { line--; + if (line < 1) + break; if (fseek (stream.get (), current_source_symtab->line_charpos[line - 1], 0) < 0) {
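
Review bot: The added 'if (line < 1) break;' in the else (reverse-search) branch carries no comment explaining why the bound is there, and it sits directly above the 'line_charpos[line - 1]' index it protects. A one-line comment noting that line numbers are 1-based, so that line 0 would index the array at -1 (the read 4 bytes before the block in the Valgrind report), would make the intent clear and keep the guard from being removed in a later cleanup. Please also confirm that the code following the loop, which this hunk does not show, reports the unsuccessful search to the user when the loop is left through this break, in the same way as when the forward search runs out of lines. Since gdb.base/list.exp exposes the bad read only under Valgrind, it would help to state in the commit message how the fix was verified.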