Don't try to read a build_id as string in find_alt_debug_info_link.

The GCC8 address sanitizer found an issue in find_alt_debug_info_link.
It tried to convert a build-id byte sequence into a string. But the
build-id byte sequence is not a zero terminated sequence of chars.
So it could run off way past the section data.

The code never actually uses the build-id. It could use it to verify
the referenced alt-file is the correct one. But since it uses elfutils
to actually load the alt file it doesn't have to, since elfutils will
already check the build-id matches.

So just remove the build_id argument from find_alt_debug_info_link
and don't try to convert and return it as a string.

	* src/abg-dwarf-reader.cc (find_alt_debug_info_link): Remove
	build_id argument. Don't try to read the buildid chars as a
	string.
	(find_alt_debug_info): Don't call find_alt_debug_info_link
	with a build_id string argument.

Signed-off-by: Mark Wielaard <mark@klomp.org>
Signed-off-by: Dodji Seketeli <dodji@redhat.com>

diff --git a/src/abg-dwarf-reader.cc b/src/abg-dwarf-reader.cc
index 1815034..29e129c 100644 (file)
--- a/src/abg-dwarf-reader.cc
+++ b/src/abg-dwarf-reader.cc
@@ -1127,23 +1127,18 @@ get_binary_load_address(Elf *elf_handle,
   return false;
 }
 
-/// Find the file name of the alternate debug info file, as well as
-/// its build ID.
+/// Find the file name of the alternate debug info file.
 ///
 /// @param elf_module the elf module to consider.
 ///
 /// @param out parameter.  Is set to the file name of the alternate
 /// debug info file, iff this function returns true.
 ///
-/// @param out parameter.  Is set to the build ID of the alternate
-/// debug info file.
-///
 /// @return true iff the location of the alternate debug info file was
 /// found.
 static bool
 find_alt_debug_info_link(Dwfl_Module *elf_module,
-                        string &alt_file_name,
-                        string &build_id)
+                        string &alt_file_name)
 {
   GElf_Addr bias = 0;
   Dwarf *dwarf = dwfl_module_getdwarf(elf_module, &bias);
@@ -1187,7 +1182,6 @@ find_alt_debug_info_link(Dwfl_Module *elf_module,
       if (buildid == 0 || alt_name == 0)
        return false;
 
-      build_id = buildid;
       alt_file_name = alt_name;
       return true;
     }
@@ -1274,8 +1268,7 @@ find_alt_debug_info(Dwfl_Module *elf_module,
     return 0;
 
   Dwarf* result = 0;
-  string build_id;
-  find_alt_debug_info_link(elf_module, alt_file_name, build_id);
+  find_alt_debug_info_link(elf_module, alt_file_name);
 
 #ifdef LIBDW_HAS_DWARF_GETALT
   // We are on recent versions of elfutils where the function