ubsan: signed integer overflow in display_debug_lines_raw
This one was caused by me unnecessarily promoting an "int adv" to "int64_t adv". The expression overflowing was 4259 + 9223372036854775807 with the left number being unsigned int. * dwarf.h (DWARF2_Internal_LineInfo): Replace unsigned short with uint16_t and unsigned char with uint8_t. Make li_line_base an int8_t. * dwarf.c (display_debug_lines_raw): Revert "adv" back to an int.
parent
3b37f0f1b8
commit
329dd2b6fc
@ -4670,7 +4670,7 @@ display_debug_lines_raw (struct dwarf_section * section,
|
||||
while (data < end_of_sequence)
|
||||
{
|
||||
unsigned char op_code;
|
||||
int64_t adv;
|
||||
int adv;
|
||||
uint64_t uladv;
|
||||
|
||||
printf (" [0x%08tx]", data - start);
|
||||
@ -4717,7 +4717,7 @@ display_debug_lines_raw (struct dwarf_section * section,
|
||||
}
|
||||
adv = (op_code % linfo.li_line_range) + linfo.li_line_base;
|
||||
state_machine_regs.line += adv;
|
||||
printf (_(" and Line by %" PRId64 " to %d"),
|
||||
printf (_(" and Line by %d to %d"),
|
||||
adv, state_machine_regs.line);
|
||||
if (verbose_view || state_machine_regs.view)
|
||||
printf (_(" (view %u)\n"), state_machine_regs.view);
|
||||
@ -4782,7 +4782,7 @@ display_debug_lines_raw (struct dwarf_section * section,
|
||||
case DW_LNS_advance_line:
|
||||
READ_SLEB (adv, data, end);
|
||||
state_machine_regs.line += adv;
|
||||
printf (_(" Advance Line by %" PRId64 " to %d\n"),
|
||||
printf (_(" Advance Line by %d to %d\n"),
|
||||
adv, state_machine_regs.line);
|
||||
break;
|
||||
|
||||
@ -4802,7 +4802,7 @@ display_debug_lines_raw (struct dwarf_section * section,
|
||||
case DW_LNS_negate_stmt:
|
||||
adv = state_machine_regs.is_stmt;
|
||||
adv = ! adv;
|
||||
printf (_(" Set is_stmt to %" PRId64 "\n"), adv);
|
||||
printf (_(" Set is_stmt to %d\n"), adv);
|
||||
state_machine_regs.is_stmt = adv;
|
||||
break;
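Review bot: The declaration `int adv;` at the top of the loop carries no comment saying why it must stay narrower than 64 bits, and the whole fix depends on that. Going by the commit message, `state_machine_regs.line` is an unsigned int, so with an `int` operand `state_machine_regs.line += adv` is evaluated in unsigned arithmetic and wraps, whereas an `int64_t` operand turns it into a signed 64-bit addition that can overflow on a crafted `DW_LNS_advance_line` operand. I would add above the declaration `/* Keep adv an int: line += adv must be done in unsigned int, where wrap-around is defined.  */`. The narrower type also means `READ_SLEB (adv, data, end)` now receives SLEB128 values from the file that may not fit in an int; the macro is defined outside this page, so confirm it reports such values rather than silently truncating them. The function body starts and ends outside these hunks.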
|
||||
|
||||
|
@ -23,18 +23,19 @@
|
||||
/* Structure found in the .debug_line section. */
|
||||
typedef struct
|
||||
{
|
||||
uint64_t li_length;
|
||||
unsigned short li_version;
|
||||
unsigned char li_address_size;
|
||||
unsigned char li_segment_size;
|
||||
uint64_t li_prologue_length;
|
||||
unsigned char li_min_insn_length;
|
||||
unsigned char li_max_ops_per_insn;
|
||||
unsigned char li_default_is_stmt;
|
||||
int li_line_base;
|
||||
unsigned char li_line_range;
|
||||
unsigned char li_opcode_base;
|
||||
unsigned int li_offset_size;
|
||||
uint64_t li_length;
|
||||
uint16_t li_version;
|
||||
uint8_t li_address_size;
|
||||
uint8_t li_segment_size;
|
||||
uint64_t li_prologue_length;
|
||||
uint8_t li_min_insn_length;
|
||||
uint8_t li_max_ops_per_insn;
|
||||
uint8_t li_default_is_stmt;
|
||||
int8_t li_line_base;
|
||||
uint8_t li_line_range;
|
||||
uint8_t li_opcode_base;
|
||||
/* Not part of the header. 4 for 32-bit dwarf, 8 for 64-bit. */
|
||||
unsigned int li_offset_size;
|
||||
}
|
||||
DWARF2_Internal_LineInfo;
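Review bot: `int8_t li_line_base;` changes how the field has to be filled in, and nothing in the struct says so. The value is parsed from the .debug_line section, and with a signed 8-bit member the conversion on assignment already yields the signed value, so any reader that still sign-extends it by hand (not visible on this page) should be checked against the new type. A short comment on the member would help, e.g. `/* Signed: added to the special opcode's line advance.  */`, along with one line at the top of the struct noting that the fixed-width members mirror the on-disk field sizes.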
|
||||
|
||||
|