From f408d82c7a140268c3b7be35970c96d8385b5902 Mon Sep 17 00:00:00 2001
From: Simon Marchi
Date: Tue, 19 May 2020 14:20:23 -0400
Subject: [PATCH] gdb: fix off-by-one error in quirk_rust_enum

Found by inspection, so I don't have a test for it (I don't think it would be easy to have this bug cause a failure reliably).

We allocate space for N fields into `new_fields`, then memcpy N fields at `new_fields + 1`. This overflows the allocated buffer by one field. Fix it by allocating `N + 1` fields.

gdb/ChangeLog:

	* dwarf2/read.c (quirk_rust_enum): Allocate enough fields.
---
 gdb/ChangeLog | 4 ++++
 gdb/dwarf2/read.c | 2 +-
 2 files changed, 5 insertions(+), 1 deletion(-)

diff --git a/gdb/ChangeLog b/gdb/ChangeLog
index f62557da6c0..ac0beef5ad5 100644
--- a/gdb/ChangeLog
+++ b/gdb/ChangeLog
@@ -1,3 +1,7 @@
+2020-05-19 Simon Marchi
+
+ * dwarf2/read.c (quirk_rust_enum): Allocate enough fields.
+
 2020-05-19 Pedro Alves
 
 * NEWS (set exec-file-mismatch): Adjust entry.
diff --git a/gdb/dwarf2/read.c b/gdb/dwarf2/read.c
index 0c6182bbf3b..2ab7c5c3313 100644
--- a/gdb/dwarf2/read.c
+++ b/gdb/dwarf2/read.c
@@ -9420,7 +9420,7 @@ quirk_rust_enum (struct type *type, struct objfile *objfile)
 /* Make space for the discriminant field. */
 struct field *disr_field = &TYPE_FIELD (disr_type, 0);
 field *new_fields
- = (struct field *) TYPE_ZALLOC (type, (TYPE_NFIELDS (type)
+ = (struct field *) TYPE_ZALLOC (type, ((TYPE_NFIELDS (type) + 1)
 * sizeof (struct field)));
 memcpy (new_fields + 1, TYPE_FIELDS (type),
 TYPE_NFIELDS (type) * sizeof (struct field));
-- 
2.30.2
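Review bot: The allocation size and the memcpy size in the read.c hunk are still computed from two independent `TYPE_NFIELDS (type)` expressions three lines apart, which is the pattern that let the original off-by-one through; hoisting the count into one local, `int nfields = TYPE_NFIELDS (type);` before the `TYPE_ZALLOC`, then `(nfields + 1) * sizeof (struct field)` for the allocation and `nfields * sizeof (struct field)` for the copy, ties the two sizes to a single value and makes the extra slot explicit. A one-line comment above the allocation, `/* One extra slot: the discriminant presumably lands at index 0, the existing fields are copied to 1..N.  */`, would record why the buffer is one field larger than the amount copied. The fix itself is correct as far as the hunk shows: N+1 fields are allocated and N are written starting at offset 1. quirk_rust_enum begins and ends outside the hunk, so whether the type's field count is updated to N+1 afterwards cannot be confirmed here.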