mirror of
https://sourceware.org/git/binutils-gdb.git
synced 2024-11-21 01:12:32 +08:00
1706852c3c
In various situations the cplus_demangle () function could read past the
end of input causing crashes. Add checks in various places to not advance
the demangle string location and fail early when end of string is reached.
Add various examples of input strings to the testsuite that would crash
test-demangle before the fixes.
Found by using the American Fuzzy Lop (afl) fuzzer.
libiberty/ChangeLog:
* cplus-dem.c (demangle_signature): After 'H', template function,
no success and don't advance position if end of string reached.
(demangle_template): After 'z', template name, return zero on
premature end of string.
(gnu_special): Guard strchr against searching for zero characters.
(do_type): If member, only advance mangled string when 'F' found.
* testsuite/demangle-expected: Add examples of strings that could
crash the demangler by reading past end of input.
|
||
|---|---|---|
| .. | ||
| config | ||
| testsuite | ||
| _doprnt.c | ||
| .gitignore | ||
| aclocal.m4 | ||
| alloca.c | ||
| argv.c | ||
| asprintf.c | ||
| at-file.texi | ||
| atexit.c | ||
| basename.c | ||
| bcmp.c | ||
| bcopy.c | ||
| bsearch.c | ||
| bzero.c | ||
| calloc.c | ||
| ChangeLog | ||
| ChangeLog.jit | ||
| choose-temp.c | ||
| clock.c | ||
| concat.c | ||
| config.h-vms | ||
| config.in | ||
| configure | ||
| configure.ac | ||
| configure.com | ||
| copying-lib.texi | ||
| COPYING.LIB | ||
| copysign.c | ||
| cp-demangle.c | ||
| cp-demangle.h | ||
| cp-demint.c | ||
| cplus-dem.c | ||
| crc32.c | ||
| d-demangle.c | ||
| dwarfnames.c | ||
| dyn-string.c | ||
| fdmatch.c | ||
| ffs.c | ||
| fibheap.c | ||
| filename_cmp.c | ||
| floatformat.c | ||
| fnmatch.c | ||
| fnmatch.txh | ||
| fopen_unlocked.c | ||
| functions.texi | ||
| gather-docs | ||
| getcwd.c | ||
| getopt1.c | ||
| getopt.c | ||
| getpagesize.c | ||
| getpwd.c | ||
| getruntime.c | ||
| gettimeofday.c | ||
| hashtab.c | ||
| hex.c | ||
| index.c | ||
| insque.c | ||
| lbasename.c | ||
| libiberty.texi | ||
| lrealpath.c | ||
| maint-tool | ||
| make-relative-prefix.c | ||
| make-temp-file.c | ||
| Makefile.in | ||
| makefile.vms | ||
| md5.c | ||
| memchr.c | ||
| memcmp.c | ||
| memcpy.c | ||
| memmem.c | ||
| memmove.c | ||
| mempcpy.c | ||
| memset.c | ||
| mkstemps.c | ||
| msdos.c | ||
| objalloc.c | ||
| obstack.c | ||
| obstacks.texi | ||
| partition.c | ||
| pex-common.c | ||
| pex-common.h | ||
| pex-djgpp.c | ||
| pex-msdos.c | ||
| pex-one.c | ||
| pex-unix.c | ||
| pex-win32.c | ||
| pexecute.c | ||
| pexecute.txh | ||
| physmem.c | ||
| putenv.c | ||
| random.c | ||
| README | ||
| regex.c | ||
| rename.c | ||
| rindex.c | ||
| safe-ctype.c | ||
| setenv.c | ||
| setproctitle.c | ||
| sha1.c | ||
| sigsetmask.c | ||
| simple-object-coff.c | ||
| simple-object-common.h | ||
| simple-object-elf.c | ||
| simple-object-mach-o.c | ||
| simple-object-xcoff.c | ||
| simple-object.c | ||
| simple-object.txh | ||
| snprintf.c | ||
| sort.c | ||
| spaces.c | ||
| splay-tree.c | ||
| stack-limit.c | ||
| stpcpy.c | ||
| stpncpy.c | ||
| strcasecmp.c | ||
| strchr.c | ||
| strdup.c | ||
| strerror.c | ||
| strncasecmp.c | ||
| strncmp.c | ||
| strndup.c | ||
| strnlen.c | ||
| strrchr.c | ||
| strsignal.c | ||
| strstr.c | ||
| strtod.c | ||
| strtol.c | ||
| strtoll.c | ||
| strtoul.c | ||
| strtoull.c | ||
| strverscmp.c | ||
| timeval-utils.c | ||
| tmpnam.c | ||
| unlink-if-ordinary.c | ||
| vasprintf.c | ||
| vfork.c | ||
| vfprintf.c | ||
| vprintf-support.c | ||
| vprintf-support.h | ||
| vprintf.c | ||
| vsnprintf.c | ||
| vsprintf.c | ||
| waitpid.c | ||
| xasprintf.c | ||
| xatexit.c | ||
| xexit.c | ||
| xmalloc.c | ||
| xmemdup.c | ||
| xstrdup.c | ||
| xstrerror.c | ||
| xstrndup.c | ||
| xvasprintf.c | ||
This directory contains the -liberty library of free software.
It is a collection of subroutines used by various GNU programs.
Current members include:
getopt -- get options from command line
obstack -- stacks of arbitrarily-sized objects
strerror -- error message strings corresponding to errno
strtol -- string-to-long conversion
strtoul -- string-to-unsigned-long conversion
We expect many of the GNU subroutines that are floating around to
eventually arrive here.
The library must be configured from the top source directory. Don't
try to run configure in this directory. Follow the configuration
instructions in ../README.
Please report bugs to "gcc-bugs@gcc.gnu.org" and send fixes to
"gcc-patches@gcc.gnu.org". Thank you.
ADDING A NEW FILE
=================
There are two sets of files: Those that are "required" will be
included in the library for all configurations, while those
that are "optional" will be included in the library only if "needed."
To add a new required file, edit Makefile.in to add the source file
name to CFILES and the object file to REQUIRED_OFILES.
To add a new optional file, it must provide a single function, and the
name of the function must be the same as the name of the file.
* Add the source file name to CFILES in Makefile.in and the object
file to CONFIGURED_OFILES.
* Add the function to name to the funcs shell variable in
configure.ac.
* Add the function to the AC_CHECK_FUNCS lists just after the
setting of the funcs shell variable. These AC_CHECK_FUNCS calls
are never executed; they are there to make autoheader work
better.
* Consider the special cases of building libiberty; as of this
writing, the special cases are newlib and VxWorks. If a
particular special case provides the function, you do not need
to do anything. If it does not provide the function, add the
object file to LIBOBJS, and add the function name to the case
controlling whether to define HAVE_func.
Finally, in the build directory of libiberty, configure with
"--enable-maintainer-mode", run "make maint-deps" to update
Makefile.in, and run 'make stamp-functions' to regenerate
functions.texi.
The optional file you've added (e.g. getcwd.c) should compile and work
on all hosts where it is needed. It does not have to work or even
compile on hosts where it is not needed.
ADDING A NEW CONFIGURATION
==========================
On most hosts you should be able to use the scheme for automatically
figuring out which files are needed. In that case, you probably
don't need a special Makefile stub for that configuration.
If the fully automatic scheme doesn't work, you may be able to get
by with defining EXTRA_OFILES in your Makefile stub. This is
a list of object file names that should be treated as required
for this configuration - they will be included in libiberty.a,
regardless of whatever might be in the C library.