[ros-diffs] [tkreuzer] 37320: Make sure we don't parse instructions beyond the eh_frame section. Looks like in some cases the last Fde isn't terminated with a 0 Length field.

Author: tkreuzer Date: Wed Nov 12 15:30:16 2008 New Revision: 37320 URL: http://svn.reactos.org/svn/reactos?rev=37320&view=rev Log: Make sure we don't parse instructions beyond the eh_frame section. Looks like in some cases the last Fde isn't terminated with a 0 Length field. Modified: branches/ros-amd64-bringup/reactos/tools/rsym/rsym64.c Modified: branches/ros-amd64-bringup/reactos/tools/rsym/rsym64.c URL: http://svn.reactos.org/svn/reactos/branches/ros-amd64-bringup/reactos/tools… ============================================================================== --- branches/ros-amd64-bringup/reactos/tools/rsym/rsym64.c [iso-8859-1] (original) +++ branches/ros-amd64-bringup/reactos/tools/rsym/rsym64.c [iso-8859-1] Wed Nov 12 15:30:16 2008 @@ -87,7 +87,7 @@ pc += Cie->AugLength; Cie->Instructions = pc; - return Cie->Length; + return Cie->Length + 4; } unsigned long @@ -103,7 +103,7 @@ Fde->AugData = pc; Fde->Instructions = Fde->AugData + Fde->AugLength; - return Fde->Length; + return Fde->Length + 4; } unsigned long @@ -214,7 +214,6 @@ } State->FramePtrDiff = State->FramePtr - PrevFramePtr; - //printf("@%p: code=%x, Loc=%lx, offset=%lx, reg=0x%lx:%s\n", pc, code, State->Location, State->Offset, State->Reg, regnames_64[State->Reg]); return Length; } @@ -371,7 +370,7 @@ { DW2CIEFDE *p; DW2FDE Fde; - char *pInst; + char *pInst, *pmax; DW2CFSTATE State; File->cFuncs = 0; @@ -380,7 +379,8 @@ State.FramePtr = 0; p = GetSectionPointer(File, File->eh_frame.idx); - for (; p->Length; p = NextCIE(p)) + pmax = (char*)p + File->eh_frame.psh->Misc.VirtualSize; + for (; p->Length && (char*)p < pmax; p = NextCIE(p)) { /* Is this an FDE? */ if (p->CiePointer != 0) @@ -421,6 +421,7 @@ ULONG cbSize; PIMAGE_SECTION_HEADER pshp, pshx; ULONG FileAlignment; + char *pmax; FileAlignment = File->OptionalHeader->FileAlignment; @@ -463,7 +464,9 @@ Offset = File->eh_frame.psh->VirtualAddress; xdata_va = pshx->VirtualAddress; xdata_p = File->xdata.p; - for (p = eh_frame; p->Length; p = NextCIE(p)) + pmax = (char*)eh_frame + File->eh_frame.psh->Misc.VirtualSize - 100; + + for (p = eh_frame; p->Length && (char*)p < pmax; p = NextCIE(p)) { /* Is this an FDE? */ if (p->CiePointer != 0)