libdw: Make sure all attributes come with a (fake) CU for bound checks. All attributes now have a reference to a (fake) CU that has startp and endp set to the data section where the form data comes from. Use that for bounds checking in __libdw_form_val_len and dwarf_formblock to make sure data read doesn't overflow any data section. Remove libdwP.h cu_data and use cu startp and endp directly where appropriate. Signed-off-by: Mark Wielaard <[email protected]>

commit: 9202665816763fad8524dd78a664dbcaa157b8d4 [log] [tgz]
author: Mark Wielaard <[email protected]> Fri Dec 12 16:43:04 2014 +0100
committer: Mark Wielaard <[email protected]> Wed Dec 17 16:35:56 2014 +0100
tree: a895bade664b2701de624f57d5c79a69ebcd7004
parent: 274cbda6f5d5b7c57d488edaeb55876ba8705db3 [diff] [blame]
diff --git a/libdw/dwarf_getmacros.c b/libdw/dwarf_getmacros.c
index 737dc5d..848128e 100644
--- a/libdw/dwarf_getmacros.c
+++ b/libdw/dwarf_getmacros.c

@@ -354,6 +354,8 @@
 	.dbg = dbg,
 	.version = 4,
 	.offset_size = table->is_64bit ? 8 : 4,
+	.startp = (void *) startp + offset,
+	.endp = (void *) endp,
       };
 
       Dwarf_Attribute attributes[proto->nforms];
@@ -367,8 +369,7 @@
 	  attributes[i].valp = (void *) readp;
 	  attributes[i].cu = &fake_cu;
 
-	  size_t len = __libdw_form_val_len (dbg, &fake_cu,
-					     proto->forms[i], readp, endp);
+	  size_t len = __libdw_form_val_len (&fake_cu, proto->forms[i], readp);
 	  if (len == (size_t) -1)
 	    return -1;
commit	9202665816763fad8524dd78a664dbcaa157b8d4	[log] [tgz]
author	Mark Wielaard <[email protected]>	Fri Dec 12 16:43:04 2014 +0100
committer	Mark Wielaard <[email protected]>	Wed Dec 17 16:35:56 2014 +0100
tree	a895bade664b2701de624f57d5c79a69ebcd7004
parent	274cbda6f5d5b7c57d488edaeb55876ba8705db3 [diff] [blame]