Go to file
Joel Brobecker 4fbb7ccebe Fix stack smashing error during gdb_mpq_write_fixed_point selftest
When building GDB using Ubuntu 20.04's system libgmp and compiler,
running the "maintenance selftest" command triggers the following error:

    | Running selftest gdb_mpq_write_fixed_point.
    | *** stack smashing detected ***: terminated
    | [1]    1092790 abort (core dumped)  ./gdb gdb

This happens while trying to construct an mpq_t object (a rational)
from two integers representing the numerator and denominator.
In our test, the numerator is -8, and the denominator is 1.
The problem was that the rational was constructed using the wrong
function. This is what we were doing prior to this patch:

    mpq_set_ui (v.val, numerator, denominator);

The 'u' in "ui" stands for *unsigned*, which is wrong because
numerator and denominator's type is "int".

As a result of the above, instead of getting a rational value of -8,
we get a rational with a very large positive value (gmp_printf
says "18446744073709551608").

From there, the test performs an operation which is expected to
write this value into a buffer which was not dimensioned to fit
such a number, thus leading GMP into a buffer overflow.
This was verified by applying the formula that GMP's documentation
gives for the required memory buffer size needed during export:

    | When an application is allocating space itself the required size can
    | be determined with a calculation like the following. Since
    | mpz_sizeinbase always returns at least 1, count here will be at
    | least one, which avoids any portability problems with malloc(0),
    | though if z is zero no space at all is actually needed (or written).
    |
    |     numb = 8*size - nail;
    |     count = (mpz_sizeinbase (z, 2) + numb-1) / numb;
    |     p = malloc (count * size);

With the very large number, mpz_sizeinbase returns 66 and thus
the malloc size becomes 16 bytes instead of the 8 we allocated.

This patch fixes the issue by using the correct "set" function.

gdb/ChangeLog:

        * unittests/gmp-utils-selftests.c (write_fp_test): Use mpq_set_si
        instead of mpq_set_ui to initialize our GMP rational.
2020-11-24 06:34:57 +04:00
bfd Automatic date update in version.in 2020-11-24 00:00:17 +00:00
binutils Add missing test file 2020-11-20 14:06:14 +00:00
config sync libiberty from gcc 2020-09-08 20:12:57 +09:30
contrib Import mklog.py from gcc repo 2020-09-25 10:24:44 -04:00
cpu Fix spelling mistakes 2020-10-05 14:20:15 +01:00
elfcpp gold: Update GNU_PROPERTY_X86_XXX macros 2020-10-13 05:21:05 -07:00
etc texi2pod.pl: import support for @t{...} from gcc 2020-01-15 12:58:09 -05:00
gas aarch64: Add support for Cortex-A78C 2020-11-23 10:06:15 +00:00
gdb Fix stack smashing error during gdb_mpq_write_fixed_point selftest 2020-11-24 06:34:57 +04:00
gdbserver gdbserver: add missing --disable-packet options to help text 2020-11-11 09:08:31 +00:00
gdbsupport Ignore system_error in thread startup 2020-11-20 08:22:46 -07:00
gnulib gnulib: Ensure all libraries are used when building gdb/gdbserver 2020-10-09 09:31:43 +01:00
gold [GOLD] powerpc incremental-dump assertion failure 2020-11-17 20:59:53 +10:30
gprof Unify Solaris procfs and largefile handling 2020-07-30 15:41:50 +02:00
include libctf, include: add ctf_getsymsect and ctf_getstrsect 2020-11-20 13:34:12 +00:00
intl Regen with blessed automake-1.15.1 2020-02-20 13:02:24 +10:30
ld s390x: Set .got sh_entsize only if .got size > 0 2020-11-23 05:13:55 -08:00
libctf libctf: do not crash when CTF symbol or variable linking fails 2020-11-20 13:34:13 +00:00
libdecnumber Run autoreconf -vf throughout 2020-07-29 16:03:55 -04:00
libiberty Sync libiberty and include with GCC for get_DW_UT_name. 2020-09-24 22:55:24 +02:00
opcodes aarch64: Extract Condition flag manipulation feature from Armv8.4-A 2020-11-16 21:07:17 +00:00
readline Update readline/README to mention patchlevel 2020-06-30 15:17:07 -06:00
sim sim: pru: Add support for LMBD instruction 2020-11-12 22:41:10 +02:00
texinfo
zlib Merge changes from GCC for the config/ directory 2020-02-19 17:51:24 +00:00
.cvsignore
.gitattributes
.gitignore Add profiling outputs to .gitignore 2019-12-26 06:54:58 +01:00
ar-lib Bump to autoconf 2.69 and automake 1.15.1 2018-06-19 16:55:06 -04:00
ChangeLog Use sha256 for hashes in the release process 2020-10-28 10:35:28 -04:00
compile
config-ml.in Update top level configure files by synchronizing them with gcc. 2018-01-10 15:29:21 +00:00
config.guess Update top level config files with copies from the official repository. 2020-01-18 13:43:19 +00:00
config.rpath
config.sub Update top level config files with copies from the official repository. 2020-01-18 13:43:19 +00:00
configure config/debuginfod.m4: Use PKG_CHECK_MODULES 2020-07-24 15:16:20 -04:00
configure.ac config/debuginfod.m4: Use PKG_CHECK_MODULES 2020-07-24 15:16:20 -04:00
COPYING
COPYING3
COPYING3.LIB
COPYING.LIB
COPYING.LIBGLOSS Update the address of the FSF in the copyright notice of files which were using the old address. 2017-12-14 12:48:55 +00:00
COPYING.NEWLIB
depcomp
djunpack.bat
install-sh
libtool.m4 Bump to autoconf 2.69 and automake 1.15.1 2018-06-19 16:55:06 -04:00
lt~obsolete.m4
ltgcc.m4
ltmain.sh
ltoptions.m4
ltsugar.m4
ltversion.m4
MAINTAINERS Move gdbserver to top level 2020-02-07 08:42:25 -07:00
Makefile.def gdb/gdbserver: add dependencies for distclean-gnulib 2020-10-14 15:05:14 +01:00
Makefile.in gdb/gdbserver: add dependencies for distclean-gnulib 2020-10-14 15:05:14 +01:00
Makefile.tpl Revert "Sync top level files with versions from gcc." 2019-05-30 11:17:19 +01:00
makefile.vms
missing
mkdep
mkinstalldirs
move-if-change
multilib.am Merge autoconf / automake update changes from GCC. 2018-10-31 17:10:56 +00:00
README
README-maintainer-mode Bump to autoconf 2.69 and automake 1.15.1 2018-06-19 16:55:06 -04:00
setup.com
src-release.sh Use sha256 for hashes in the release process 2020-10-28 10:35:28 -04:00
symlink-tree
test-driver Bump to autoconf 2.69 and automake 1.15.1 2018-06-19 16:55:06 -04:00
ylwrap

		   README for GNU development tools

This directory contains various GNU compilers, assemblers, linkers, 
debuggers, etc., plus their support routines, definitions, and documentation.

If you are receiving this as part of a GDB release, see the file gdb/README.
If with a binutils release, see binutils/README;  if with a libg++ release,
see libg++/README, etc.  That'll give you info about this
package -- supported targets, how to use it, how to report bugs, etc.

It is now possible to automatically configure and build a variety of
tools with one command.  To build all of the tools contained herein,
run the ``configure'' script here, e.g.:

	./configure 
	make

To install them (by default in /usr/local/bin, /usr/local/lib, etc),
then do:
	make install

(If the configure script can't determine your type of computer, give it
the name as an argument, for instance ``./configure sun4''.  You can
use the script ``config.sub'' to test whether a name is recognized; if
it is, config.sub translates it to a triplet specifying CPU, vendor,
and OS.)

If you have more than one compiler on your system, it is often best to
explicitly set CC in the environment before running configure, and to
also set CC when running make.  For example (assuming sh/bash/ksh):

	CC=gcc ./configure
	make

A similar example using csh:

	setenv CC gcc
	./configure
	make

Much of the code and documentation enclosed is copyright by
the Free Software Foundation, Inc.  See the file COPYING or
COPYING.LIB in the various directories, for a description of the
GNU General Public License terms under which you can copy the files.

REPORTING BUGS: Again, see gdb/README, binutils/README, etc., for info
on where and how to report problems.