From: Mark Wielaard
Date: Fri, 6 Oct 2023 11:56:55 +0000 (+0200)
Subject: libdw: Skip zero entries in aranges
X-Git-Tag: elfutils-0.190~20
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=ace48815682214308d2f849f149250a6562c59fe;p=thirdparty%2Felfutils.git

libdw: Skip zero entries in aranges

An address/length entry of two zeros is supposed to mark the end of a table. But in some cases a producer might leave zero entries in the table (for example when using gcc -ffunction-sections -gc-sections). Since we know the length of the table we can just skip such entries and continue to the end.

* libdw/dwarf_getaranges.c (dwarf_getaranges): Calculate endp. When seeing two zero values, check we are at endp.

https://sourceware.org/bugzilla/show_bug.cgi?id=27805

Signed-off-by: Mark Wielaard
---
diff --git a/libdw/dwarf_getaranges.c b/libdw/dwarf_getaranges.c index de5b81baa..27439d372 100644 --- a/libdw/dwarf_getaranges.c +++ b/libdw/dwarf_getaranges.c @@ -1,5 +1,6 @@ /* Return list address ranges. Copyright (C) 2000-2010, 2016, 2017 Red Hat, Inc. + Copyright (C) 2023 Mark J. Wielaard This file is part of elfutils. Written by Ulrich Drepper , 2000. @@ -124,6 +125,10 @@ dwarf_getaranges (Dwarf *dbg, Dwarf_Aranges **aranges, size_t *naranges) && length <= DWARF3_LENGTH_MAX_ESCAPE_CODE)) goto invalid; + const unsigned char *endp = readp + length; + if (unlikely (endp > readendp)) + goto invalid; + if (unlikely (readp + 2 > readendp)) goto invalid;
@@ -182,9 +187,17 @@ dwarf_getaranges (Dwarf *dbg, Dwarf_Aranges **aranges, size_t *naranges) else range_length = read_8ubyte_unaligned_inc (dbg, readp); - /* Two zero values mark the end. */ + /* Two zero values mark the end. But in some cases (bugs) + there might be such entries in the middle of the table. + Ignore and continue, we'll check the actual length of + the table to see if we are really at the end. */ if (range_address == 0 && range_length == 0) - break; + { + if (readp >= endp) + break; + else + continue; + } /* We don't use alloca for these temporary structures because the total number of them can be quite large. */
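Review bot: in the `@@ -124,6 +125,10 @@` hunk, `const unsigned char *endp = readp + length;` forms the pointer before it is compared with `readendp`; `length` comes straight from the file (after only the escape-code check visible above), so an oversized value can wrap the pointer arithmetic, which is undefined behaviour and can make `endp > readendp` evaluate false for a corrupt or crafted table. Compare the length against the bytes actually remaining first, e.g. `if (unlikely (length > (size_t) (readendp - readp))) goto invalid;` and only then compute `endp = readp + length;`.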
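Review bot: in the `@@ -182,9 +187,17 @@` hunk, the `break` is now reached only when a zero pair occurs at or past `endp`, so a table that simply omits the terminating zero pair (or whose last tuple ends before `endp` without one) no longer has an end condition at this point; unless the enclosing loop already tests `readp < endp`, parsing will continue into the next set's header and read it as address/length tuples. Suggest bounding the loop by `endp` (loop condition `readp < endp`, or `if (readp >= endp) break;` at the top of the loop) so that the length-based end check from the previous hunk is the authoritative terminator whether or not the zero pair is present. The new comment's "(bugs)" could also name the case from the commit message (gcc -ffunction-sections with -gc-sections), and a test input for bug 27805 would pin the behaviour down.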