PR 33637, abort in byte_get
When DWARF5 support was added to binutils in commit
77145576fadc,
the loop over CUs in process_debug_info set do_types when finding a
DW_UT_type unit, in order to process the signature and type offset
entries. Unfortunately that broke debug_information/debug_info_p
handling, which previously was allocated and initialised for each unit
in .debug_info. debug_info_p was NULL when processing a DWARF4
.debug_types section. After the
77145576fadc change it was possible
for debug_infp_p to be non-NULL but point to zeroed data, in
particular a zeroed offset_size. A zero for offset_size led to the
byte_get_little_endian abort triggered by the fuzzer testcase.
I haven't investigated whether there is any need for a valid
offset_size when processing a non-fuzzed DWARF4 .debug_types section.
Presumably we'd have found that out in the last 6 years if that was
the case. We don't want to change debug_information[] for
.debug_types!
PR 33637
* dwarf.c (process_debug_info): Don't change DO_TYPES flag bit
depending on cu_unit_type. Instead test cu_unit_type along
with DO_TYPES to handle signature and type_offset for a type
unit. Move find_cu_tu_set_v2 call a little later.
projects / thirdparty / binutils-gdb.git / commit
