Fix gdb_bfd_section_index for special sections

Indexes returned for special sections are off by one, i.e. with N+4
sections last one has index N+4 returned which is outside allocated
obstack (at the same time index N is not used at all).

In worst case, if sections obstack is allocated up to end of chunk,
writing last section data will cause buffer overrun and some data
corruption.

Here's output from Valgrind::

==14630== Invalid write of size 8
==14630==    at 0x551B1A: add_to_objfile_sections_full (objfiles.c:225)
==14630==    by 0x552768: allocate_objfile (objfiles.c:324)
==14630==    by 0x4E8E2E: symbol_file_add_with_addrs (symfile.c:1171)
==14630==    by 0x4E9453: symbol_file_add_from_bfd (symfile.c:1280)
==14630==    by 0x4E9453: symbol_file_add (symfile.c:1295)
==14630==    by 0x4E94B7: symbol_file_add_main_1 (symfile.c:1320)
==14630==    by 0x514246: catch_command_errors_const (main.c:398)
==14630==    by 0x5150AA: captured_main (main.c:1061)
==14630==    by 0x51123C: catch_errors (exceptions.c:240)
==14630==    by 0x51569A: gdb_main (main.c:1164)
==14630==    by 0x408824: main (gdb.c:32)
==14630==  Address 0x635f3b8 is 8 bytes after a block of size 4,064 alloc'd
==14630==    at 0x4C2ABA0: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==14630==    by 0x60F797: xmalloc (common-utils.c:41)
==14630==    by 0x5E787FB: _obstack_begin (obstack.c:184)
==14630==    by 0x552679: allocate_objfile (objfiles.c:294)
==14630==    by 0x4E8E2E: symbol_file_add_with_addrs (symfile.c:1171)
==14630==    by 0x4E9453: symbol_file_add_from_bfd (symfile.c:1280)
==14630==    by 0x4E9453: symbol_file_add (symfile.c:1295)
==14630==    by 0x4E94B7: symbol_file_add_main_1 (symfile.c:1320)
==14630==    by 0x514246: catch_command_errors_const (main.c:398)
==14630==    by 0x5150AA: captured_main (main.c:1061)
==14630==    by 0x51123C: catch_errors (exceptions.c:240)
==14630==    by 0x51569A: gdb_main (main.c:1164)
==14630==    by 0x408824: main (gdb.c:32)

gdb/ChangeLog:
	* gdb_bfd.c (gdb_bfd_section_index): Fix off-by-one for special
	sections.

diff --git a/gdb/ChangeLog b/gdb/ChangeLog
index 150b29a4f04e085a4b3f256e4d38acab4ed84eda..3ef965c9f73c214aa9c631a4276cd0cb96cc83bf 100644 (file)
--- a/gdb/ChangeLog
+++ b/gdb/ChangeLog
@@ -1,3 +1,8 @@
+2015-03-27  Andrzej Kaczmarek  <andrzej.kaczmarek@tieto.com>
+
+       * gdb_bfd.c (gdb_bfd_section_index): Fix off-by-one for special
+       sections.
+
 2015-03-26  Joel Brobecker  <brobecker@adacore.com>
 
        * dtrace-probe.c (dtrace_process_dof_probe): Contain any

diff --git a/gdb/gdb_bfd.c b/gdb/gdb_bfd.c
index 7543dae0b2f02df7984cefccb8fce48824a34626..3f89d3aec5b888e8404e6bd027df6e9dcbb80f91 100644 (file)
--- a/gdb/gdb_bfd.c
+++ b/gdb/gdb_bfd.c
@@ -616,13 +616,13 @@ gdb_bfd_section_index (bfd *abfd, asection *section)
   if (section == NULL)
     return -1;
   else if (section == bfd_com_section_ptr)
-    return bfd_count_sections (abfd) + 1;
+    return bfd_count_sections (abfd);
   else if (section == bfd_und_section_ptr)
-    return bfd_count_sections (abfd) + 2;
+    return bfd_count_sections (abfd) + 1;
   else if (section == bfd_abs_section_ptr)
-    return bfd_count_sections (abfd) + 3;
+    return bfd_count_sections (abfd) + 2;
   else if (section == bfd_ind_section_ptr)
-    return bfd_count_sections (abfd) + 4;
+    return bfd_count_sections (abfd) + 3;
   return section->index;
 }