Fix remote gdb buffer overflow.

author Steve Reinhardt <stever@eecs.umich.edu>

Mon, 28 Aug 2006 16:58:03 +0000 (09:58 -0700)

committer Steve Reinhardt <stever@eecs.umich.edu>

Mon, 28 Aug 2006 16:58:03 +0000 (09:58 -0700)
author Steve Reinhardt <stever@eecs.umich.edu>
Mon, 28 Aug 2006 16:58:03 +0000 (09:58 -0700)
committer Steve Reinhardt <stever@eecs.umich.edu>
Mon, 28 Aug 2006 16:58:03 +0000 (09:58 -0700)
diff --git a/src/base/remote_gdb.cc b/src/base/remote_gdb.cc

index 0d3b73b1eeb091e1a1f89ebb9c00d95a06b8ffb4..e4efa31e3f11fc4466fb55e6cc59fef2319ca520 100644 (file)
--- a/src/base/remote_gdb.cc
+++ b/src/base/remote_gdb.cc
@@ -796,7 +796,6 @@ RemoteGDB::trap(int type)
      size_t datalen, len;
      char data[KGDB_BUFLEN + 1];
      char buffer[sizeof(gdbregs) * 2 + 256];
-    char temp[KGDB_BUFLEN];
      const char *p;
      char command, subcmd;
      string var;
@@ -904,10 +903,14 @@ RemoteGDB::trap(int type)
              }
  
              if (read(val, (size_t)len, (char *)buffer)) {
-              mem2hex(temp, buffer, len);
-              send(temp);
+               // variable length array would be nice, but C++ doesn't
+               // officially support those...
+               char *temp = new char[2*len+1];
+               mem2hex(temp, buffer, len);
+               send(temp);
+               delete [] temp;
              } else {
-              send("E05");
+               send("E05");
              }
              continue;
author	Steve Reinhardt <stever@eecs.umich.edu>
	Mon, 28 Aug 2006 16:58:03 +0000 (09:58 -0700)
committer	Steve Reinhardt <stever@eecs.umich.edu>
	Mon, 28 Aug 2006 16:58:03 +0000 (09:58 -0700)