[gdb/symtab] Throw DWARF error on out-of-bounds DW_FORM_strx

author Tom de Vries <tdevries@suse.de>

Fri, 2 May 2025 20:21:36 +0000 (22:21 +0200)

committer Tom de Vries <tdevries@suse.de>

Fri, 2 May 2025 20:21:36 +0000 (22:21 +0200)
author Tom de Vries <tdevries@suse.de>
Fri, 2 May 2025 20:21:36 +0000 (22:21 +0200)
committer Tom de Vries <tdevries@suse.de>
Fri, 2 May 2025 20:21:36 +0000 (22:21 +0200)
diff --git a/gdb/dwarf2/read.c b/gdb/dwarf2/read.c

index 951f9d26e4b419b5e775deda1185bc8b421e5428..6848f63aa2e4552b293a5cf7756a95af4e335c91 100644 (file)
--- a/gdb/dwarf2/read.c
+++ b/gdb/dwarf2/read.c
@@ -15333,9 +15333,16 @@ read_str_index (struct dwarf2_cu *cu,
              " in CU at offset %s [in module %s]"),
            form_name, str_section->get_name (),
            sect_offset_str (cu->header.sect_off), objf_name);
-  info_ptr = (str_offsets_section->buffer
-             + str_offsets_base
-             + str_index * offset_size);
+
+  ULONGEST str_offsets_offset = str_offsets_base + str_index * offset_size;
+  if (str_offsets_offset >= str_offsets_section->size)
+    error (_(DWARF_ERROR_PREFIX
+            "Offset from %s pointing outside of %s section in CU at offset %s"
+            " [in module %s]"),
+          form_name, str_offsets_section->get_name (),
+          sect_offset_str (cu->header.sect_off), objf_name);
+  info_ptr = str_offsets_section->buffer + str_offsets_offset;
+
    if (offset_size == 4)
      str_offset = bfd_get_32 (abfd, info_ptr);
    else
diff --git a/gdb/testsuite/gdb.dwarf2/dw-form-strx-out-of-bounds.exp b/gdb/testsuite/gdb.dwarf2/dw-form-strx-out-of-bounds.exp

new file mode 100644 (file)

index 0000000..f2123fa
--- /dev/null
+++ b/gdb/testsuite/gdb.dwarf2/dw-form-strx-out-of-bounds.exp
@@ -0,0 +1,35 @@
+# Copyright 2025 Free Software Foundation, Inc.
+
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program.  If not, see <http://www.gnu.org/licenses/>.
+
+# Check that an out-of-bounds DW_FORM_strx attribute triggers a DWARF error.
+
+# Out of bounds index.
+set int_str_idx 1
+
+source $srcdir/$subdir/dw-form-strx.exp.tcl
+
+set re_dwarf_error \
+    [string_list_to_regexp \
+        "DWARF Error: Offset from DW_FORM_GNU_str_index or DW_FORM_strx" \
+        " pointing outside of .debug_str_offsets section in CU at offset"\
+        " "]$hex
+set re_in_module \
+    {in module [^\r\n]+}
+set re_in_module [string_to_regexp {[}]$re_in_module[string_to_regexp {]}]
+set re_no_symbol [string_to_regexp {No symbol "global_var" in current context.}]
+gdb_test "ptype global_var" \
+    [multi_line \
+        "$re_dwarf_error $re_in_module"\
+        $re_no_symbol]
author	Tom de Vries <tdevries@suse.de>
	Fri, 2 May 2025 20:21:36 +0000 (22:21 +0200)
committer	Tom de Vries <tdevries@suse.de>
	Fri, 2 May 2025 20:21:36 +0000 (22:21 +0200)
gdb/dwarf2/read.c		patch \| blob \| blame \| history
gdb/testsuite/gdb.dwarf2/dw-form-strx-out-of-bounds.exp	[new file with mode: 0644]	patch \| blob