2003-01-29 Roland McGrath <roland@redhat.com>

	* td_ta_new.c (td_ta_new): Cap the `sizeof_descr' value read from the
	inferior at `sizeof (struct _pthread_descr_struct)', since we use it
	as a length in copies to our own structures.

diff --git a/linuxthreads_db/td_ta_new.c b/linuxthreads_db/td_ta_new.c
index 50ddf0a..e93d8b4 100644 (file)
--- a/linuxthreads_db/td_ta_new.c
+++ b/linuxthreads_db/td_ta_new.c
@@ -1,5 +1,5 @@
 /* Attach to target process.
-   Copyright (C) 1999, 2001, 2002 Free Software Foundation, Inc.
+   Copyright (C) 1999, 2001, 2002, 2003 Free Software Foundation, Inc.
    This file is part of the GNU C Library.
    Contributed by Ulrich Drepper <drepper@cygnus.com>, 1999.
 
@@ -127,6 +127,9 @@ td_ta_new (struct ps_prochandle *ps, td_thragent_t **ta)
     {
       if (ps_pdread (ps, addr, &(*ta)->sizeof_descr, sizeof (int)) != PS_OK)
        goto free_return;
+      /* Don't let bogons in the inferior make us mess ourselves.  */
+      if ((*ta)->sizeof_descr > sizeof (struct _pthread_descr_struct))
+       (*ta)->sizeof_descr = sizeof (struct _pthread_descr_struct);
     }
 
   /* Now add the new agent descriptor to the list.  */