mirror of
https://github.com/tobast/libunwind-eh_elf.git
synced 2024-11-29 10:17:38 +01:00
Fix bug in libunwind-ptrace which can cause reading of random data.
(maps_next): After reading less than a full buffer of data, copy remaining data to the top of the buffer so as to maintain the invariant that all data between mi->buf and mi->buf_end is valid. This avoids maps_next() parsing uninitialized data.
This commit is contained in:
parent
cbd8648b33
commit
af2503e223
1 changed files with 9 additions and 0 deletions
|
@ -233,6 +233,15 @@ maps_next (struct map_iterator *mi,
|
||||||
mi->buf_size - bytes_left);
|
mi->buf_size - bytes_left);
|
||||||
if (nread <= 0)
|
if (nread <= 0)
|
||||||
return 0;
|
return 0;
|
||||||
|
else if (nread + bytes_left < mi->buf_size)
|
||||||
|
{
|
||||||
|
/* Move contents to the end of the buffer so we
|
||||||
|
maintain the invariant that all bytes between
|
||||||
|
mi->buf and mi->buf_end are valid. */
|
||||||
|
memcpy (mi->buf_end - nread - bytes_left, mi->buf,
|
||||||
|
nread + bytes_left);
|
||||||
|
mi->buf = mi->buf_end - nread - bytes_left;
|
||||||
|
}
|
||||||
|
|
||||||
eol = mi->buf + bytes_left + nread - 1;
|
eol = mi->buf + bytes_left + nread - 1;
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue