From: Aaron Merey <amerey@redhat.com>
Date: Wed, 13 Mar 2024 20:18:27 +0000 (-0400)
Subject: gdb/dwarf2: Check for null abbrev_info ptr
X-Git-Tag: gdb-16-branchpoint~1085
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=aa35682ce5937c9fb9d936a29ef260b9916c8487;p=thirdparty%2Fbinutils-gdb.git

gdb/dwarf2: Check for null abbrev_info ptr

A corrupt debuginfo file can result in a null abbrev_info pointer
being passed to cooked_indexer::scan_attributes.  This pointer
is set to nullptr by peek_die_abbrev when an abbrev of 0 is found.

There is no check for whether the abbrev pointer is null and
SIGSEGV occurs when attempting to dereference the pointer.

An abbrev of 0 normally indicates that the corresponding DIE is a
null entry, but scan_attributes expects a non-null DIE.

Fix this by throwing an error in cooked_indexer::scan_attributes
when peek_die_abbrev returns a nullptr in order to avoid
scan_attributes calling itself with a null abbrev.

Bug: https://sourceware.org/bugzilla/show_bug.cgi?id=31478
Co-authored-by: Tom de Vries <tdevries@suse.de>
Approved-By: Tom Tromey <tom@tromey.com>
---

diff --git a/gdb/dwarf2/read.c b/gdb/dwarf2/read.c
index 04a53980569..5ab322e646a 100644
--- a/gdb/dwarf2/read.c
+++ b/gdb/dwarf2/read.c
@@ -16261,6 +16261,13 @@ cooked_indexer::scan_attributes (dwarf2_per_cu_data *scanning_per_cu,
 	  const abbrev_info *new_abbrev = peek_die_abbrev (*new_reader,
 							   new_info_ptr,
 							   &bytes_read);
+
+	  if (new_abbrev == nullptr)
+	    error (_("Dwarf Error: Unexpected null DIE at offset %s "
+		     "[in module %s]"),
+		   sect_offset_str (origin_offset),
+		   bfd_get_filename (new_reader->abfd));
+
 	  new_info_ptr += bytes_read;
 
 	  if (new_reader->cu == reader->cu && new_info_ptr == watermark_ptr)
diff --git a/gdb/testsuite/gdb.dwarf2/dw2-inter-cu-error.exp b/gdb/testsuite/gdb.dwarf2/dw2-inter-cu-error.exp
new file mode 100644
index 00000000000..a628650f074
--- /dev/null
+++ b/gdb/testsuite/gdb.dwarf2/dw2-inter-cu-error.exp
@@ -0,0 +1,51 @@
+# Copyright 2024 Free Software Foundation, Inc.
+
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program.  If not, see <http://www.gnu.org/licenses/>.
+
+load_lib dwarf.exp
+
+# This test can only be run on targets which support DWARF-2 and use gas.
+require dwarf2_support
+
+standard_testfile main.c .S
+
+# Create the DWARF.
+set asm_file [standard_output_file $srcfile2]
+Dwarf::assemble $asm_file {
+    declare_labels label1
+
+    cu {} {
+	compile_unit {{language @DW_LANG_C}} {
+	    subprogram {
+		{MACRO_AT_range { main }}
+		{DW_AT_specification %$label1}
+	    }
+	}
+    }
+
+    cu {} {
+	compile_unit {{language @DW_LANG_C}} {
+	    label1:
+	}
+    }
+}
+
+if [prepare_for_testing "failed to prepare" $testfile \
+	[list $asm_file $srcfile] {nodebug}] {
+    return -1
+}
+
+# Verify that GDB notices the null DIE.
+gdb_assert { [regexp "Dwarf Error: Unexpected null DIE" $gdb_file_cmd_msg] } \
+	"Null DIE error missing"