summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMichael Munday <mike.munday@ibm.com>2017-11-24 11:37:11 -0500
committerDave Watson <davejwatson@fb.com>2017-11-28 07:55:25 -0800
commit29137c6fa9303eedc310a467e508716813174414 (patch)
tree0d8704c5e37e0c474c5ea89f65fe527e98e0f7a6
parent02a3cc2cf3847ac4ba41913a035eff30eeca20a6 (diff)
downloadlibunwind-29137c6fa9303eedc310a467e508716813174414.tar.gz
dwarf: Fix size of state to avoid corrupting rs_stack
DW_CFA_remember_state used memcpy to overwrite state with the value of rs_current. Unfortunately rs_current was slightly larger than state, possibly resulting in rs_stack->next being overwritten. Fix this by making the type of state match the type of rs_current and using an assigment to perform the copy rather than memcpy. This should ensure that the types match in future.
-rw-r--r--include/dwarf.h2
-rw-r--r--src/dwarf/Gparser.c4
2 files changed, 3 insertions, 3 deletions
diff --git a/include/dwarf.h b/include/dwarf.h
index f45d0e4a..48831e30 100644
--- a/include/dwarf.h
+++ b/include/dwarf.h
@@ -260,7 +260,7 @@ dwarf_reg_state_t;
typedef struct dwarf_stackable_reg_state
{
struct dwarf_stackable_reg_state *next; /* for rs_stack */
- dwarf_reg_only_state_t state;
+ dwarf_reg_state_t state;
}
dwarf_stackable_reg_state_t;
diff --git a/src/dwarf/Gparser.c b/src/dwarf/Gparser.c
index 5973a986..d95d5338 100644
--- a/src/dwarf/Gparser.c
+++ b/src/dwarf/Gparser.c
@@ -275,7 +275,7 @@ run_cfi_program (struct dwarf_cursor *c, dwarf_state_record_t *sr,
ret = -UNW_ENOMEM;
break;
}
- memcpy (&(*rs_stack)->state, &sr->rs_current, sizeof (sr->rs_current));
+ (*rs_stack)->state = sr->rs_current;
Debug (15, "CFA_remember_state\n");
break;
@@ -286,7 +286,7 @@ run_cfi_program (struct dwarf_cursor *c, dwarf_state_record_t *sr,
ret = -UNW_EINVAL;
break;
}
- memcpy (&sr->rs_current, &(*rs_stack)->state, sizeof (sr->rs_current));
+ sr->rs_current = (*rs_stack)->state;
pop_rstate_stack(rs_stack);
Debug (15, "CFA_restore_state\n");
break;