While trying to build on Cygwin (gcc 10.2.0), I got:
CXX server.o
/home/Baube/src/binutils-gdb/gdbserver/server.cc: In function 'void handle_general_set(char*)':
/home/Baube/src/binutils-gdb/gdbserver/server.cc:832:12: error: 'sprintf' argument 3 overlaps destination object 'own_buf' [-Werror=restrict]
832 | sprintf (own_buf, "E.Unknown thread-events mode requested: %s\n",
| ~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
833 | mode);
| ~~~~~
/home/Baube/src/binutils-gdb/gdbserver/server.cc:553:27: note: destination object referenced by 'restrict'-qualified argument 1 was declared here
553 | handle_general_set (char *own_buf)
| ~~~~~~^~~~~~~
There is indeed a problem: mode points somewhere into own_buf. And by
the time mode gets formatted as a %s, whatever it points to has been
overwritten. I hacked gdbserver to coerce it into that error path, and
this is the resulting message:
(gdb) p own_buf
$1 = 0x629000000200 "E.Unknown thread-events mode requested: ad-events mode requested: 00;10:
9020fdf7ff7f0000;thread:p49388.49388;core:e;\n"
Fix it by formatting the error string in an std::string first.
gdbserver/ChangeLog:
* server.cc (handle_general_set): Don't use sprintf with
argument overlapping buffer.
Change-Id: I4fdf05c0117f63739413dd67ddae7bd6ee414824
+2020-10-21 Simon Marchi <simon.marchi@polymtl.ca>
+
+ * server.cc (handle_general_set): Don't use sprintf with
+ argument overlapping buffer.
+
2020-10-20 Tom Tromey <tromey@adacore.com>
PR gdb/26742:
else
{
/* We don't know what this mode is, so complain to GDB. */
- sprintf (own_buf, "E.Unknown thread-events mode requested: %s\n",
- mode);
+ std::string err
+ = string_printf ("E.Unknown thread-events mode requested: %s\n",
+ mode);
+ strcpy (own_buf, err.c_str ());
return;
}