review.tizen.org Git - platform/upstream/libabigail.git/commit

author	Mark Wielaard <mark@klomp.org>
	Thu, 18 Apr 2019 15:41:41 +0000 (17:41 +0200)
committer	Dodji Seketeli <dodji@redhat.com>
	Thu, 18 Apr 2019 16:21:01 +0000 (18:21 +0200)
commit	fb6b2a5f4ce592bdcc3388908f21709236dd9c01
tree	f5801b6baf25ceb0896f0dfc956b763a4e7f7bb6	tree \| snapshot
parent	1c358a50229a74edbeeb8b799e9ec8f3409826c4	commit \| diff

Don't try to read a build_id as string in find_alt_debug_info_link.

The GCC8 address sanitizer found an issue in find_alt_debug_info_link.
It tried to convert a build-id byte sequence into a string. But the
build-id byte sequence is not a zero terminated sequence of chars.
So it could run off way past the section data.

The code never actually uses the build-id. It could use it to verify
the referenced alt-file is the correct one. But since it uses elfutils
to actually load the alt file it doesn't have to, since elfutils will
already check the build-id matches.

So just remove the build_id argument from find_alt_debug_info_link
and don't try to convert and return it as a string.

* src/abg-dwarf-reader.cc (find_alt_debug_info_link): Remove
build_id argument. Don't try to read the buildid chars as a
string.
(find_alt_debug_info): Don't call find_alt_debug_info_link
with a build_id string argument.

Signed-off-by: Mark Wielaard <mark@klomp.org>
Signed-off-by: Dodji Seketeli <dodji@redhat.com>