git.ipfire.org Git - thirdparty/binutils-gdb.git/commit
[gdb/record] Fix out-of-bounds write in aarch64_record_asimd_load_store
author    Tom de Vries <tdevries@suse.de>
          Thu, 13 Mar 2025 06:49:33 +0000 (07:49 +0100)
committer Tom de Vries <tdevries@suse.de>
          Thu, 13 Mar 2025 06:49:33 +0000 (07:49 +0100)
commit    51729ea0905d1f688b7fd2ea769e69b29daa1b7c
tree      275b0b814fdf6896da6b3f0775af1324ea434835
parent    f9f033220046f011aeb259469cb15fe8141b213b
[gdb/record] Fix out-of-bounds write in aarch64_record_asimd_load_store

After compiling gdb with -fstack-protector-all, and running test-case
gdb.reverse/getrandom.exp on aarch64-linux, we run into
"Stack smashing detected" in function aarch64_record_asimd_load_store.

This is reported in PR record/32784.

This happens due to an out-of-bounds write to local array record_buf_mem:
...
  uint64_t record_buf_mem[24];
...
when recording insn:
...
B+>0xfffff7ff4d10  st1     {v0.16b-v3.16b}, [x0]
...

We can fix this by increasing the array size to 128, but rather than again
hardcoding a size, reimplement record_buf_mem as std::vector.

Tested on aarch64-linux.

Approved-By: Guinevere Larsen <guinevere@redhat.com>
Bug: https://sourceware.org/bugzilla/show_bug.cgi?id=32784
gdb/aarch64-tdep.c
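The pattern behind the bug, as an added example that is not gdb's code and not part of this commit: a per-element memory record is accumulated into a fixed 24-word local array, and a store that covers four 16-element registers needs far more slots than that. The record layout used here (two 64-bit words, length and address, per stored element) and the struct describing the instruction are assumptions made for illustration; with that layout st1 {v0.16b-v3.16b}, [x0] needs 128 words, the figure the commit message cites as a sufficient fixed size. The "before" function refuses the write where the original would have run off the end of the array; the "after" function uses std::vector, as the commit does.

```cpp
#include <cstddef>
#include <cstdint>
#include <vector>

// One recorded memory write: (length, address). Assumed two-word layout,
// chosen for illustration only.
struct MemRec {
  uint64_t len;
  uint64_t addr;
};

// Constructed description of an ASIMD store such as st1 {v0.16b-v3.16b}, [x0].
struct AsimdStore {
  unsigned reg_count;   // registers in the list (v0..v3 -> 4)
  unsigned elem_count;  // elements per register (.16b -> 16)
  unsigned elem_size;   // bytes per element (.16b -> 1)
  uint64_t base_addr;   // value of the base register (x0)
};

// Capacity of the fixed local array the commit removes.
constexpr size_t RECORD_BUF_MEM_WORDS = 24;

// uint64_t slots a fixed array would need for this instruction under the
// assumed two-words-per-element layout.
size_t words_needed(const AsimdStore &insn) {
  return 2 * static_cast<size_t>(insn.reg_count) * insn.elem_count;
}

// "Before": fixed 24-word stack buffer. Returns false instead of writing past
// the end; that is the point at which the original code smashed the stack.
bool record_into_fixed_array(const AsimdStore &insn, size_t &used) {
  uint64_t record_buf_mem[RECORD_BUF_MEM_WORDS];
  used = 0;
  uint64_t addr = insn.base_addr;
  for (unsigned r = 0; r < insn.reg_count; ++r) {
    for (unsigned e = 0; e < insn.elem_count; ++e) {
      if (used + 2 > RECORD_BUF_MEM_WORDS)
        return false;  // original: out-of-bounds write here
      record_buf_mem[used++] = insn.elem_size;  // length of this element
      record_buf_mem[used++] = addr;            // address of this element
      addr += insn.elem_size;
    }
  }
  return true;
}

// "After": grow on demand with std::vector, so there is no hardcoded size to
// get wrong the next time a wider instruction form is handled.
std::vector<MemRec> record_into_vector(const AsimdStore &insn) {
  std::vector<MemRec> record_buf_mem;
  record_buf_mem.reserve(static_cast<size_t>(insn.reg_count) * insn.elem_count);
  uint64_t addr = insn.base_addr;
  for (unsigned r = 0; r < insn.reg_count; ++r) {
    for (unsigned e = 0; e < insn.elem_count; ++e) {
      record_buf_mem.push_back({insn.elem_size, addr});
      addr += insn.elem_size;
    }
  }
  return record_buf_mem;
}
```

Building gdb with -fstack-protector-all, as the commit message describes, is what turned the silent overrun of record_buf_mem into a hard "Stack smashing detected" abort; the std::vector version removes the fixed bound rather than guessing a new one.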