From f30a46f100f81c365e605b7aed339b7f5c8a7326 Mon Sep 17 00:00:00 2001
From: Tamas Zsoldos
Date: Tue, 18 Aug 2020 12:04:56 +0200
Subject: libunwindstack: don't save pseudoregisters while evaluating Dwarf

Currently, while evaluating a Dwarf section, even pseudoregisters are saved in regs_info. Since pseudoregisters are stored separately from ordinary registers, trying to read them the usual way will result in an out-of-bounds read. There's no memory corruption as regs_info is big enough to store all existing pseudoregisters. With this patch, pseudoregisters are simply not saved in regs_info. Added new unit tests to cover the pseudo register cases.
Test: libunwindstack_test
Change-Id: If21b2a79f2fcca85644eec430f3d22e354b001ec
---
 libunwindstack/DwarfSection.cpp | 24 ++++++++++++------------
 1 file changed, 12 insertions(+), 12 deletions(-)
(limited to 'libunwindstack/DwarfSection.cpp')
diff --git a/libunwindstack/DwarfSection.cpp b/libunwindstack/DwarfSection.cpp
index 9e2a3cda7..bf86e6e66 100644
--- a/libunwindstack/DwarfSection.cpp
+++ b/libunwindstack/DwarfSection.cpp
@@ -465,13 +465,9 @@ bool DwarfSectionImpl::EvalRegister(const DwarfLocation* loc, uint3
 eval_info->return_address_undefined = true;
 }
 break;
- case DWARF_LOCATION_PSEUDO_REGISTER: {
- if (!eval_info->regs_info.regs->SetPseudoRegister(reg, loc->values[0])) {
- last_error_.code = DWARF_ERROR_ILLEGAL_VALUE;
- return false;
- }
- break;
- }
+ case DWARF_LOCATION_PSEUDO_REGISTER:
+ last_error_.code = DWARF_ERROR_ILLEGAL_VALUE;
+ return false;
 default:
 break;
 }
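Review bot: The new `case DWARF_LOCATION_PSEUDO_REGISTER:` in EvalRegister fails with DWARF_ERROR_ILLEGAL_VALUE but carries no comment saying why, so a reader who sees only this switch could take it for a missing feature and put the old store back. The commit message gives the reason (pseudoregisters are stored separately, and reading them through regs_info is an out-of-bounds read); that invariant belongs next to the code, for example `// Pseudo registers are set directly in Eval() and have no slot in regs_info, so reaching this case is an error.` The switch and the rest of EvalRegister start and end outside this hunk, so whether other cases dereference `reg_ptr` in the same way cannot be checked from here.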
@@ -543,11 +539,15 @@ bool DwarfSectionImpl::Eval(const DwarfCie* cie, Memory* regular_me
 // Skip this unknown register.
 continue;
 }
- }
-
- reg_ptr = eval_info.regs_info.Save(reg);
- if (!EvalRegister(&entry.second, reg, reg_ptr, &eval_info)) {
- return false;
+ if (!eval_info.regs_info.regs->SetPseudoRegister(reg, entry.second.values[0])) {
+ last_error_.code = DWARF_ERROR_ILLEGAL_VALUE;
+ return false;
+ }
+ } else {
+ reg_ptr = eval_info.regs_info.Save(reg);
+ if (!EvalRegister(&entry.second, reg, reg_ptr, &eval_info)) {
+ return false;
+ }
 }
 }
 
-- cgit v1.2.3
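Review bot: A location of type DWARF_LOCATION_PSEUDO_REGISTER that does not enter the first branch is not handled in Eval itself. The enclosing condition is outside this hunk (presumably a range check on `reg`), so such an entry would fall into the new `else`, go through `regs_info.Save(reg)`, and be rejected only by the error case added to EvalRegister in the other hunk. That is safe as written, but the rejection depends on the two hunks staying in step. A comment on the `else` branch such as `// A pseudo-register location with an ordinary register number is rejected by EvalRegister().` would record it. The commit message mentions new unit tests that are not part of this view; one that feeds such an entry and expects DWARF_ERROR_ILLEGAL_VALUE would pin the behaviour.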