Commit Graph

610 Commits

Author SHA1 Message Date
David Anderson
ec604facdb Fixed bug in showing html references line.
bugrecord.py
2016-05-22 13:08:19 -07:00
David Anderson
a230959ded Update with latest bug fix.
bugxml/data.txt
2016-05-22 13:00:40 -07:00
David Anderson
acae971371 added new error code
libdwarf/dwarf_errmsg_list.c
libdwarf/libdwarf.h.in

Test for inconsistent line table header data
and provide a default string indicating failure
in case the inconsistency test is inadequate.
libdwarf/dwarf_line.c
libdwarf/dwarf_line_table_reader_common.c
2016-05-22 12:55:53 -07:00
David Anderson
58093a7385 Now the lines in <pre>get their own xml
so they can be understood as individual lines..
modified:   bugrecord.py
2016-05-22 09:41:15 -07:00
David Anderson
f017024f2f Now showing latest libdwarf fix commit id.
bugxml/data.txt
2016-05-22 08:50:51 -07:00
David Anderson
6fa3f710ee modified: bugxml/data.txt
modified:   bugxml/readbugs.py

Fixed an incorrect length check to prevent a crash.
modified:   dwarfdump/print_frames.c

Set a macro structure field that was left unset.
No longer creates a zero-length malloc field.
modified:   libdwarf/dwarf_macro5.c
2016-05-22 08:46:35 -07:00
David Anderson
4aae3a23b4 Two new crashes. 016, 017 2016-05-20 18:33:13 -07:00
David Anderson
9247e66d14 Update version strings.
dwarfdump/common.c
dwarfdump/dwarfdump.c
2016-05-19 13:52:03 -07:00
David Anderson
8f0690dae1 Improve the output with respect to things tested.
More like other configure setups.
dwarfdump/configure.in

Regenerate.
dwarfdump/configure

Fix spelling mistakes, and an erroneous . in column 1.
dwarfdump/dwarfdump.1

CFLAGS is no on HOST_CFLAGS.
libdwarf/Makefile.in

Improve the output with respect to things tested.
More like other configure setups.
libdwarf/configure.in

Regenerate.
libdwarf/configure
2016-05-19 13:47:52 -07:00
David Anderson
1eeffd5fa6 Added fix information to the bug data.
bugxml/data.txt
2016-05-19 13:47:05 -07:00
David Anderson
ac6673e32f dwarfdump
* print_die.c: Fix typo in error message.
* print_frames.c: Do additional checks for incorrect data
  when printing frame instructions to avoid dwarfdump crash..

libdwarf
    * dwarf_form.c: Directly check expression length against
      section length in case expression length very very large.
    * dwarf_query.c: _dwarf_calculate_info_section_*() routines
      made clearer and the *_start_ptr() instance also now returns
      the length (via a pointer arg).
    * dwarf_xu_index.c: Check data read from the section so
      a wildly large columns count or slots count will be caught
      and an error returned.
2016-05-18 18:50:58 -07:00
David Anderson
4d7c43f0d9 Fixed the output, which was not right for xml.
modified:   bugrecord.py
2016-05-17 19:22:55 -07:00
David Anderson
37cbbc8b74 bugxml:
Now we can use <pre></pre> to preserve lines where
appropriate.

modified:   bugrecord.py
modified:   readbugs.py

New vulnerabilities added.
modified:   data.txt
2016-05-17 18:42:05 -07:00
David Anderson
dd66cd617c Noted fix to DW201605-012
bugxml/data.txt
2016-05-17 07:15:54 -07:00
David Anderson
10ca310f64 Updated bug text for clarity.
bugxml/data.txt

Harden to account for corrupt relocation records.
libdwarf/dwarf_elf_access.c

Remove trailing whitespace.
libdwarf/dwarf_macro5.c
2016-05-17 07:03:22 -07:00
David Anderson
814da3381c Made use of
testcase:
more uniform. Accidental irregularities removed.
modified:   bugxml/data.txt
2016-05-13 08:08:12 -07:00
David Anderson
63633bc14a All currently known vulnerabilities fixed.
bugxml/data.txt

Fix indents, remove trailing whitespace.
   dwarfdump/print_abbrevs.c
   dwarfdump/print_aranges.c
   dwarfdump/print_frames.c
   dwarfdump/print_sections.c

Ensure we check dwarf functtion status return.
These sources used only at build time.
   dwarfdump/tag_attr.c
   dwarfdump/tag_tree.c
2016-05-12 10:50:44 -07:00
David Anderson
82d8e00785 bugxml/data.txt
Moved a couple functions between source files
and made them static. A couple commentary changes.
print_frames.c, though, needed hardening against
corrupt frame data.
dwarfdump/globals.h
dwarfdump/print_aranges.c
dwarfdump/print_die.c
dwarfdump/print_frames.c
dwarfdump/print_sections.c

All data reads from an object ensure the
read is actually in a section.
It is always possible something was overlooked, but
all the reading macros and functions now do checks.
libdwarf/dwarf_arange.c
libdwarf/dwarf_die_deliv.c
libdwarf/dwarf_errmsg_list.c
libdwarf/dwarf_form.c
libdwarf/dwarf_frame.c
libdwarf/dwarf_frame2.c
libdwarf/dwarf_global.c
libdwarf/dwarf_line.c
libdwarf/dwarf_line_table_reader_common.c
libdwarf/dwarf_loc.c
libdwarf/dwarf_loc2.c
libdwarf/dwarf_macro5.c
libdwarf/dwarf_opaque.h
libdwarf/dwarf_print_lines.c
libdwarf/dwarf_query.c
libdwarf/dwarf_ranges.c
libdwarf/dwarf_util.c
libdwarf/dwarf_util.h
libdwarf/dwarf_xu_index.c
libdwarf/libdwarf.h.in
2016-05-12 07:39:36 -07:00
David Anderson
71e02f3e62 Updated mm files with spelling fixes and nothing else.
Regenerated .pdf
libdwarf2.1.mm
libdwarf2.1.pdf
libdwarf2p.1.mm
libdwarf2p.1.pdf
2016-05-07 15:49:11 -07:00
David Anderson
b74cf7a901 spell noticed a couple misspellings. Fixed.
modified:   dwarfdump/NEWS
2016-05-07 14:58:33 -07:00
David Anderson
3af6d465a9 Small tweaks of the new wording.
dwarfdump/NEWS
2016-05-07 14:56:46 -07:00
David Anderson
8312f4ddc3 Spelling error fixed.
modified:   data.txt
2016-05-07 14:48:46 -07:00
David Anderson
f1619647b6 Noted release 20160507 (new field for that)
modified:   bugxml/bugrecord.py
modified:   bugxml/data.txt
modified:   bugxml/readbugs.py
2016-05-07 14:08:23 -07:00
David Anderson
a405d12199 Shows the
Shows the git id of the fixes DW201605-{010,011}
	modified:   data.txt
20160507
2016-05-07 13:57:55 -07:00
David Anderson
b3c1706d48 Update version strings.
dwarfdump/common.c
dwarfdump/dwarfdump.c

Inserted local variable initialization-at-definition.
dwarfdump/print_frames.c

Notice frame data corruption and generate an error.
libdwarf/dwarf_errmsg_list.c
libdwarf/dwarf_frame.c
libdwarf/dwarf_frame.h
libdwarf/dwarf_frame2.c
libdwarf/dwarf_line.c
libdwarf/libdwarf.h.in
2016-05-07 13:50:17 -07:00
David Anderson
334b908782 A typo hid one fixdate from the reporting.
Fixed.
bugxml/data.txt
2016-05-06 17:35:54 -07:00
David Anderson
4fd1e02db0 Updated status on the vulnerabilities.
modified:   data.txt
2016-05-06 17:31:31 -07:00
David Anderson
b6ec2dfd85 More to do here.
bugxml/data.txt

libdwarf
* dwarf_errmsg_list.c: Added DW_DLE_ZLIB_SECTION_SHORT.
    * dwarf_form.c: Now checking for section overrun.
    * dwarf_init_finish.c: Now checking zlib reading
      for section overrun.
    * dwarf_macro5.c: Now checking for section overrun and
      also fixing double delete caused by having
      _dwarf_get_alloc() space pointing at other _dwarf_get_alloc()
      space. Because in case of error the order of free
      of such is unpredictable!
    * dwarf_macro5.h: Added comment on mc_srcfiles member.
    * libdwarf.h.in: Added DW_DLE_ZLIB_SECTION_SHORT.
2016-05-06 17:16:15 -07:00
David Anderson
73aa80bb84 Avoiding compiler warnings. No change in functionality.
dwarfdump/sanitized.c
2016-05-06 09:00:57 -07:00
David Anderson
50b0a420ed Added cleanup of bugxml directory.
CLEANUP
2016-05-06 08:52:01 -07:00
David Anderson
6ad869e6ba DW201605-007 is fixed.
bugxml/data.txt
2016-05-06 08:43:10 -07:00
David Anderson
eb1472afac New bugr reports.
bugxml/data.txt

Now prints strings so that
control characters do not
cause problems. Easier to read too.
dwarfdump/Makefile.in
dwarfdump/NEWS
dwarfdump/dwarfdump.1
dwarfdump/dwarfdump.c
dwarfdump/globals.h
dwarfdump/print_die.c
dwarfdump/print_frames.c
dwarfdump/print_lines.c
dwarfdump/print_macro.c
dwarfdump/print_macros.c
dwarfdump/sanitized.c

Removed trailing whitespace.
dwarfexample/simplereader.c

New checking for corrupt input.
libdwarf/dwarf_errmsg_list.c
libdwarf/dwarf_form.c
libdwarf/dwarf_line.c
libdwarf/dwarf_opaque.h
libdwarf/dwarf_query.c
libdwarf/dwarf_util.h
libdwarf/libdwarf.h.in
2016-05-06 08:26:36 -07:00
David Anderson
19256ea6d9 New set of bugs.
bugxml/data.txt
2016-05-05 10:22:38 -07:00
David Anderson
3ec36c3413 Now checks for duplicate id:
bugxml/readbugs.py
2016-05-05 10:21:52 -07:00
David Anderson
61cee134c5 These record critical vulnerabilities in libdwarf.
Used to create a public record.

new file:   bugxml/README
new file:   bugxml/bugrecord.py
new file:   bugxml/data.template
new file:   bugxml/data.txt
new file:   bugxml/readbugs.py
2016-05-05 09:21:32 -07:00
David Anderson
43612f3866 Move up 3 lines of code( a test for NULL) so we do
not dereference a NULL pointer.
libdwarf/dwarf_macro5.c
2016-05-04 07:25:49 -07:00
David Anderson
98a3da1e82 Improve some error checks. Fix line printing for
standard tables: header says lno now,
for line number (row was incorrect).
dwarfdump/dwarfdump.c
dwarfdump/print_die.c
dwarfdump/print_lines.c

New checks for correctness and section overrun.
Fixed duplicate free due to bug in DWARF5 macro
handling.
libdwarf/dwarf_arange.c
libdwarf/dwarf_die_deliv.c
libdwarf/dwarf_elf_access.c
libdwarf/dwarf_errmsg_list.c
libdwarf/dwarf_frame2.c
libdwarf/dwarf_leb.c
libdwarf/dwarf_line.c
libdwarf/dwarf_line.h
libdwarf/dwarf_line_table_reader_common.c
libdwarf/dwarf_macro5.c
libdwarf/dwarf_util.h
libdwarf/libdwarf.h.in
2016-05-04 06:45:00 -07:00
David Anderson
cbea749340 libdwarf:
* dwarf_arange.c,dwarf_util.c: first use of READ_UNALIGNED_CK.
    * dwarf_errmsg_list.c, libdwarf.h.in: DW_DLE_READ_LITTLEENDIAN_ERROR
      and DW_DLE_READ_BIGENDIAN_ERROR are errors possible
      in READ_UNALIGNED_CK.
    * dwarf_query.c: Using local variables for shorter lines.
    * dwarf_util.h: Implement READ_UNALIGNED_CK macros.
2016-04-30 15:58:55 -07:00
David Anderson
ae65ad36b0 update version string
dwarfdump/common.c
dwarfdump/dwarfdump.c
2016-04-30 13:04:41 -07:00
David Anderson
6d1f2536d0 switch to using DECODE_LEB*_CK everywhere applicable..
Preventing a wide class of crashes due to damaged
object files.

libdwarf/dwarf_arange.c
libdwarf/dwarf_frame.c
libdwarf/dwarf_frame.h
libdwarf/dwarf_frame2.c
libdwarf/dwarf_line_table_reader_common.c
libdwarf/dwarf_loc2.c
2016-04-30 13:01:56 -07:00
David Anderson
0c259d4b70 libdwarf
* dwarf_die_deliv.c: Deleted unused local variable.
    * dwarf_form.c,dwarf_macro.c, dwarf_macro5.c: Now uses
      DCODE_LEB128*_CK nearly everywhere
      for better checking for corrupted data.
    * dwarf_opaque.h:New argument to _dwarf_get_addr_index_itself()
      for better data checks..
    * dwarf_query.c: Uses revised _dwarf_get_addr_index_itself()
      interface.
    * dwarf_util.c: Fixed formatting errors.
2016-04-30 07:15:22 -07:00
David Anderson
d15483a528 libdwarf: Catching leb errors/corruption
and simplifying the code.
   dwarf_line_table_reader_common.c
   dwarf_macro.c
   dwarf_macro5.c
   dwarf_util.c
   dwarf_util.h
2016-04-29 15:41:16 -07:00
David Anderson
6e55f02d7e libdwarf:
* dwarf_die_deliv.c: Now _dwarf_next_die_info_ptr() has
      a section end argument.
    * dwarf_query.c, dwarf_util.c: Now uses the checked version
      of leb reading.
    * dwarf_util.h: Now _dwarf_get_size_of_val() has
      section_end_ptr argument for checking leb values
      do not overrun end of section.
2016-04-28 17:49:03 -07:00
David Anderson
f01360225d Update version string.
dwarfdump/common.c
dwarfdump/dwarfdump.c

Add a new test that chatches an object
file with bad DWARF (corrupted DWARF).
libdwarf/dwarf_frame2.c
2016-04-27 18:25:41 -07:00
David Anderson
76b6fb5846 Remove duplicative print of error number.
dwarfdump/dwarfdump.c

Ensure dependency on dwarf_errmsg_list.c
libdwarf/Makefile.in

Do much much more testing to ensure we do not
run off the end of section or accept a bogus
leb number.
libdwarf/dwarf_abbrev.c
libdwarf/dwarf_die_deliv.c
libdwarf/dwarf_errmsg_list.c
libdwarf/dwarf_frame.c
libdwarf/dwarf_frame.h
libdwarf/dwarf_frame2.c
libdwarf/dwarf_frame3.c
libdwarf/dwarf_leb.c
libdwarf/dwarf_line.c
libdwarf/dwarf_line.h
libdwarf/dwarf_line_table_reader_common.c
libdwarf/dwarf_opaque.h
libdwarf/dwarf_query.c
libdwarf/dwarf_util.c
libdwarf/dwarf_util.h
libdwarf/libdwarf.h.in
2016-04-27 13:00:06 -07:00
David Anderson
82afa79cd6 libdwarf:
Makefile.in: The new errmsg_check dependency
      line was a bit wrong. libdwarf.h should not have $(srcdir)
2016-04-26 14:12:52 -07:00
David Anderson
a1b6d0594d libdwarf:
* dwarf_errmsg_list.c: When -DTESTING ensure all the
      error messages have a value in () so we can check
      that value.
2016-04-25 14:53:15 -07:00
David Anderson
7b73565d3c Fix a couple indent mistakes.
dwarfdump:
dwarfdump.c
esb.c
2016-04-25 14:34:56 -07:00
David Anderson
5b6a4074df libdwarf:
* dwarf_tied.c: A C11-ism crept in. Fixed.
      Added 'static' to local function declaration.
      Removed unused local variable.
    * dwarf_errmsg_list.c: Now checks that the number in ()
      matches the index (and still checks that the array size
      is the declared size) when compiled -DTESTING.
2016-04-25 14:08:01 -07:00
David Anderson
76fe128b2c libdwarf:
dwarf_errmsg_list.c: Fixed indent mistakes.
dwarf_leb.c: Fixed places where leb128_length
      was assumed non-null (dwarf_form.c passes NULL!).
      Made the NULL tests more consistent in appearance.
2016-04-25 13:18:24 -07:00