binutils-gdb/libctf
Nick Alcock 6ab5b6d0f3 libctf, lookup: fix bounds of pptrtab lookup
An off-by-one bug in the check for pptrtab lookup meant that we could
access the pptrtab past its bounds (*well* past its bounds),
particularly if we called ctf_lookup_by_name in a child dict with "*foo"
where "foo" is a type that exists in the parent but not the child and no
previous lookups by name have been carried out.  (Note that "*foo" is
not even a valid thing to call ctf_lookup_by_name with: foo * is.
Nonetheless, users sometimes do call ctf_lookup_by_name with invalid
content, and it should return ECTF_NOTYPE, not crash.)

ctf_pptrtab_len, as its name suggests (and as other tests of it in
ctf-lookup.c confirm), is one higher than the maximum valid permissible
index, so the comparison is wrong.

(Test added, which should fail pretty reliably in the presence of this
bug on any machine with 4KiB pages.)

libctf/ChangeLog
2021-09-27  Nick Alcock  <nick.alcock@oracle.com>

	* ctf-lookup.c (ctf_lookup_by_name_internal): Fix pptrtab bounds.
	* testsuite/libctf-writable/pptrtab-writable-page-deep-lookup.*:
	New test.
2021-09-27 20:31:26 +01:00
testsuite libctf, lookup: fix bounds of pptrtab lookup 2021-09-27 20:31:26 +01:00
.gitignore
aclocal.m4
ChangeLog libctf, lookup: fix bounds of pptrtab lookup 2021-09-27 20:31:26 +01:00
ChangeLog-2020
config.h.in
configure configure: regenerate in all projects that use libtool.m4 2021-09-27 20:31:24 +01:00
configure.ac libctf: try several possibilities for linker versioning flags 2021-09-27 20:31:24 +01:00
ctf-archive.c libctf: fix GNU style for do {} while 2021-03-18 12:37:55 +00:00
ctf-create.c libctf, include: support an alternative encoding for nonrepresentable types 2021-05-06 09:30:59 +01:00
ctf-decl.c
ctf-decls.h
ctf-dedup.c Use htab_eq_string in libctf 2021-05-09 12:28:32 +09:30
ctf-dump.c libctf, dump: do not emit size or alignment if it would error 2021-03-25 16:32:46 +00:00
ctf-endian.h
ctf-error.c
ctf-hash.c Use htab_eq_string in libctf 2021-05-09 12:28:32 +09:30
ctf-impl.h Use htab_eq_string in libctf 2021-05-09 12:28:32 +09:30
ctf-inlines.h
ctf-intl.h
ctf-labels.c
ctf-link.c libctf: fix some tabdamage and move some code around 2021-03-18 12:37:52 +00:00
ctf-lookup.c libctf, lookup: fix bounds of pptrtab lookup 2021-09-27 20:31:26 +01:00
ctf-open-bfd.c libctf: make ctf_bfdopen_ctfsect a debugger entry point 2021-03-25 16:32:49 +00:00
ctf-open.c libctf: fix handling of CTF symtypetab sections emitted by older GCC 2021-09-27 20:31:25 +01:00
ctf-qsort_r.c
ctf-serialize.c libctf, serialize: functions with no args have a NULL dtd_vlen 2021-03-25 16:32:48 +00:00
ctf-sha1.c
ctf-sha1.h
ctf-string.c libctf: eliminate dtd_u, part 4: enums 2021-03-18 12:40:40 +00:00
ctf-subr.c
ctf-types.c libctf, include: support an alternative encoding for nonrepresentable types 2021-05-06 09:30:59 +01:00
ctf-util.c
elf.h
libctf.ver libctf: try several possibilities for linker versioning flags 2021-09-27 20:31:24 +01:00
Makefile.am libctf: try several possibilities for linker versioning flags 2021-09-27 20:31:24 +01:00
Makefile.in configure: regenerate in all projects that use libtool.m4 2021-09-27 20:31:24 +01:00
NEWS libctf, include: support an alternative encoding for nonrepresentable types 2021-05-06 09:30:59 +01:00
swap.h libctf: fix GNU style for do {} while 2021-03-18 12:37:55 +00:00