From patchwork Thu Dec 21 08:38:49 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Kirill Radkin X-Patchwork-Id: 82660 Return-Path: X-Original-To: patchwork@sourceware.org Delivered-To: patchwork@sourceware.org Received: from server2.sourceware.org (localhost [IPv6:::1]) by sourceware.org (Postfix) with ESMTP id 86147384F4B8 for ; Thu, 21 Dec 2023 08:39:10 +0000 (GMT) X-Original-To: gdb-patches@sourceware.org Delivered-To: gdb-patches@sourceware.org Received: from mta-04.yadro.com (mta-04.yadro.com [89.207.88.248]) by sourceware.org (Postfix) with ESMTPS id ED14F3858407 for ; Thu, 21 Dec 2023 08:38:51 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.4.2 sourceware.org ED14F3858407 Authentication-Results: sourceware.org; dmarc=fail (p=none dis=none) header.from=syntacore.com Authentication-Results: sourceware.org; spf=fail smtp.mailfrom=syntacore.com ARC-Filter: OpenARC Filter v1.0.0 sourceware.org ED14F3858407 Authentication-Results: server2.sourceware.org; arc=none smtp.remote-ip=89.207.88.248 ARC-Seal: i=1; a=rsa-sha256; d=sourceware.org; s=key; t=1703147934; cv=none; b=IjAbmg6hmZ00Swq24ICylQ34hthXWeL8KdHqgXXa3RRgw8MedDApIpWsWoLWrCyDrw0rMnOFmhgGriZHcd4ojqTXXfXLmIG/aMbvxge3PDmoQXhYmOAYmAfDw5K6utBj5l4Dqa4NXBjPzeh1KytUqrqDF546pLTmTLEvkCM4Oq8= ARC-Message-Signature: i=1; a=rsa-sha256; d=sourceware.org; s=key; t=1703147934; c=relaxed/simple; bh=evd/29a0EubBa5IoQ3Kdm6pF8dFTvQ+odnnAP26E0LQ=; h=DKIM-Signature:DKIM-Signature:From:To:Subject:Date:Message-ID: MIME-Version; b=rCQQtnv0/N8P+MG4pN5/COBWB4W/fPvJuvi5zHY6UfPWQ2CnQh2Y8WugXkvUGOnz7UcRtrmxeHZSnzH17zOFO3VoLrLGQZ+LoHneLbBH1dE5ze3KL28arfYo9H8OX1QBpZKEMfYtx84QwMNdtiMe/v366JG/CLwAZ+eXKGvBGE0= ARC-Authentication-Results: i=1; server2.sourceware.org DKIM-Filter: OpenDKIM Filter v2.11.0 mta-04.yadro.com 2F709C0010 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=syntacore.com; s=mta-04; t=1703147930; bh=V5CW+KubjiWVcQQv5MauBmiAjxYTioSaHNAbzXqpJ9U=; h=From:To:Subject:Date:Message-ID:Content-Type:MIME-Version:From; b=kJcBTBAg1wPQzarwBqLy9GKzRVMta/swhHbCzo+3lhiQopV7H3NmvolW0H9VLoUD7 7bhgpWcheOOIJ6GC8g3/Sw+krZfHl6E/bJmwAgvEFYS/dD4GqhNQNNqNMxEezdKN4R ms0Zjh1pNXjbWuKqAIUlrLlVgtoYlGK0Dmry3C53hurhWK3xbmgeyZy5FrT0WMaZ3Q vjNtUl/3FmXne5pQPri5U1m0Qx6iLBs3pTVws3bjwTthAo9XfzqBAEH79dXx9PnNhw Dh5wn3US8NgWQs7FJTOYD20M2q90F/9+L7gCQJfIH6CtArXk3xOn12E4RK8aKzoj6/ SerUaDFlzhRWw== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=syntacore.com; s=mta-03; t=1703147930; bh=V5CW+KubjiWVcQQv5MauBmiAjxYTioSaHNAbzXqpJ9U=; h=From:To:Subject:Date:Message-ID:Content-Type:MIME-Version:From; b=pgPqHPRb0qYsPZ72vFBjuiuP3OlfH9TGej3sfkprpHliHZDtdZe/7Uz88jiracXFJ Q1G5yArIk0myq6VYLMTor6csSah/SbY9glo+HyvaSsPtrqblB2sSA0XCkuemZZ6CyE 5uf/8IGs+iXKzoFvNqlajkyu2DV5PE/9svsmqpQ1p6L7/z/GIczJZuxq8l3zJ6Ldmc /Ovx4ugKKKxTD1u8bBJBChlvLVgED8ZeHI74R6ZVEyOcY/XB+YA8XoWqHONxj8XVda oHHOw6L1P9MpCU7rBXNAiw1YB1WkJM3qGPzA9nRjKyXRNfcdJWHg6xuU8rOCefxbrY 4nzF1Fln1NUuw== From: Kirill Radkin To: "gdb-patches@sourceware.org" CC: Konstantin Vladimirov , "Ivan Tetyushkin" Subject: [PATCH] [gdbserver] Fix overflow detection in gdbserver Thread-Topic: [PATCH] [gdbserver] Fix overflow detection in gdbserver Thread-Index: AQHaLZBrYwqE6WZY50ezwup6BeA8mA== Date: Thu, 21 Dec 2023 08:38:49 +0000 Message-ID: Accept-Language: ru-RU, en-US Content-Language: ru-RU X-MS-Has-Attach: X-MS-TNEF-Correlator: MIME-Version: 1.0 X-Spam-Status: No, score=-13.1 required=5.0 tests=BAYES_00, DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, DKIM_VALID_EF, GIT_PATCH_0, HTML_MESSAGE, KAM_SHORT, SPF_HELO_NONE, TXREP, T_SCC_BODY_TEXT_LINE, T_SPF_PERMERROR, T_STY_INVIS_DIRECT autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on server2.sourceware.org X-BeenThere: gdb-patches@sourceware.org X-Mailman-Version: 2.1.30 Precedence: list List-Id: Gdb-patches mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: gdb-patches-bounces+patchwork=sourceware.org@sourceware.org Hi, Recently I have encountered an issue with gdbserver not being able to send debug information from large files (> 2Gb). I found that this issue is connected with parsing offsets (integer) from vFile::pread packets. There is already a patch (https://sourceware.org/bugzilla/show_bug.cgi?id=23198) that allows to parse integers up to 0x7fffffff (32-bit integer), but it doesn't fix the problem at all, because offsets can have a off_t type which can be larger than 32-bit integer (it depends on system). This patch allows require_int() function to parse offset up to the maximum value implied by the off_t type. From 01117d757a0eb4f632aded4b15a06dbcccc7adf7 Mon Sep 17 00:00:00 2001 From: Kirill Radkin Date: Mon, 13 Nov 2023 16:27:15 +0300 Subject: [PATCH] gdbserver: Fix overflow detection in gdbserver Currently gdbserver use require_int() function to parse offset which we get, for example, in vFile::pread packet. This function allows integers up to 0x7fffffff, (to fit in 32-bit int) but actually offset (for pread system call) have a off_t type which can be larger than 32-bit. This patch allows require_int() function to parse offset up to the maximum value implied by the off_t type. --- gdb/testsuite/gdb.server/pread-offset-size.S | 26 ++++++++++ .../gdb.server/pread-offset-size.exp | 47 +++++++++++++++++++ gdbserver/hostio.cc | 16 +++++-- 3 files changed, 85 insertions(+), 4 deletions(-) create mode 100644 gdb/testsuite/gdb.server/pread-offset-size.S create mode 100644 gdb/testsuite/gdb.server/pread-offset-size.exp -- 2.34.1 diff --git a/gdb/testsuite/gdb.server/pread-offset-size.S b/gdb/testsuite/gdb.server/pread-offset-size.S new file mode 100644 index 00000000000..31748090ac3 --- /dev/null +++ b/gdb/testsuite/gdb.server/pread-offset-size.S @@ -0,0 +1,26 @@ +/* This testcase is part of GDB, the GNU debugger. + + Copyright 2023-2023 Free Software Foundation, Inc. + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see . */ + + .text + .globl _start +_start: + .skip 3742415472 + ret + .globl f + .type f, @function +f: + ret diff --git a/gdb/testsuite/gdb.server/pread-offset-size.exp b/gdb/testsuite/gdb.server/pread-offset-size.exp new file mode 100644 index 00000000000..a4b648b29fc --- /dev/null +++ b/gdb/testsuite/gdb.server/pread-offset-size.exp @@ -0,0 +1,47 @@ +# Copyright (C) 2023-2023 Free Software Foundation, Inc. +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 3 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see . + +load_lib gdbserver-support.exp + +if {[skip_gdbserver_tests]} { + return +} + +standard_testfile .S + +if { [prepare_for_testing ${testfile}.exp $testfile \ + $srcfile {debug additional_flags=-nostdlib} ] } { + return -1 +} + +gdb_exit +gdb_start + +gdb_test_no_output "set remote exec-file $binfile" \ +"set remote exec-file" + +# Make sure we're disconnected, in case we're testing with an +# extended-remote board, therefore already connected. +gdb_test "disconnect" ".*" + +set res [gdbserver_spawn ""] +set gdbserver_protocol [lindex $res 0] +set gdbserver_gdbport [lindex $res 1] + +gdb_test "target $gdbserver_protocol $gdbserver_gdbport" \ +"Remote debugging using .*" \ +"target $gdbserver_protocol $gdbserver_gdbport" + +gdb_test "break f" "Breakpoint 1.*" diff --git a/gdbserver/hostio.cc b/gdbserver/hostio.cc index ea70c26da0f..068771428f9 100644 --- a/gdbserver/hostio.cc +++ b/gdbserver/hostio.cc @@ -90,12 +90,16 @@ require_filename (char **pp, char *filename) return 0; } +template static int -require_int (char **pp, int *value) +require_int (char **pp, T *value) { char *p; int count, firstdigit; + /* Max count of hexadecimal digits in off_t (1 hex digit is 4 bits) */ + int max_count = sizeof(T) * CHAR_BIT / 4; + p = *pp; *value = 0; count = 0; @@ -112,7 +116,9 @@ require_int (char **pp, int *value) firstdigit = nib; /* Don't allow overflow. */ - if (count >= 8 || (count == 7 && firstdigit >= 0x8)) + if (count >= max_count || (static_cast(-1) < 0 + && count == (max_count - 1) + && firstdigit >= 0x8)) return -1; *value = *value * 16 + nib; @@ -344,7 +350,8 @@ handle_open (char *own_buf) static void handle_pread (char *own_buf, int *new_packet_len) { - int fd, ret, len, offset, bytes_sent; + int fd, ret, len, bytes_sent; + off_t offset; char *p, *data; static int max_reply_size = -1; @@ -411,7 +418,8 @@ handle_pread (char *own_buf, int *new_packet_len) static void handle_pwrite (char *own_buf, int packet_len) { - int fd, ret, len, offset; + int fd, ret, len; + off_t offset; char *p, *data; p = own_buf + strlen ("vFile:pwrite:");