mirror of
https://sourceware.org/git/binutils-gdb.git
synced 2024-11-28 20:43:45 +08:00
[Ada] ada_unpack_from_contents: Error if target buffer not large enough
This adds a guard that the size of the "unpacked" buffer is large enough to contain at least BIT_SIZE bits. If not, report an error. This is to guard this routine from doing buffer overflows when called incorrectly. gdb/ChangeLog: * ada-lang.c (ada_unpack_from_contents): Add guard that unpacked is large enough for BIT_SIZE. Update function comment.
This commit is contained in:
parent
0cafa88cc0
commit
5b639deae1
@ -1,3 +1,8 @@
|
||||
2015-10-09 Joel Brobecker <brobecker@adacore.com>
|
||||
|
||||
* ada-lang.c (ada_unpack_from_contents): Add guard that unpacked
|
||||
is large enough for BIT_SIZE. Update function comment.
|
||||
|
||||
2015-10-09 Joel Brobecker <brobecker@adacore.com>
|
||||
|
||||
* ada-lang.c (ada_value_primitive_packed_val): Move
|
||||
|
@ -2383,9 +2383,12 @@ has_negatives (struct type *type)
|
||||
}
|
||||
|
||||
/* With SRC being a buffer containing BIT_SIZE bits of data at BIT_OFFSET,
|
||||
unpack that data into UNPACKED. UNPACKED_LEN is the size in bytes of
|
||||
unpack that data into UNPACKED. UNPACKED_LEN is the size in bytes of
|
||||
the unpacked buffer.
|
||||
|
||||
The size of the unpacked buffer (UNPACKED_LEN) is expected to be large
|
||||
enough to contain at least BIT_OFFSET bits. If not, an error is raised.
|
||||
|
||||
IS_BIG_ENDIAN is nonzero if the data is stored in big endian mode,
|
||||
zero otherwise.
|
||||
|
||||
@ -2417,6 +2420,12 @@ ada_unpack_from_contents (const gdb_byte *src, int bit_offset, int bit_size,
|
||||
the indices move. */
|
||||
int delta = is_big_endian ? -1 : 1;
|
||||
|
||||
/* Make sure that unpacked is large enough to receive the BIT_SIZE
|
||||
bits from SRC. .*/
|
||||
if ((bit_size + HOST_CHAR_BIT - 1) / HOST_CHAR_BIT > unpacked_len)
|
||||
error (_("Cannot unpack %d bits into buffer of %d bytes"),
|
||||
bit_size, unpacked_len);
|
||||
|
||||
srcBitsLeft = bit_size;
|
||||
src_bytes_left = src_len;
|
||||
unpacked_bytes_left = unpacked_len;
|
||||
|
Loading…
Reference in New Issue
Block a user