FpDebug: fix checks for end of CIE-data. Don't read outside the section data.

Martin 2024-11-22 13:57:28 +01:00
parent 9fd6981814
commit ba0a9c5bf7


@ -4557,13 +4557,21 @@ begin
FCallFrameInformationList.Add(CFI);
p := inf.RawData;
pe := inf.RawData + inf.Size;
while (p <> nil) and (p < pe) do
while (p <> nil) and (p <= pe - SizeOf(TDwarfCIEEntryHeader32.Length)) do
begin
// The first fields in the CIE and FDE structures are the same.
// First check if it is a 64-bit format. Then
// detect whether it is a CIE or FDE.
if CIE64^.Signature = DWARF_HEADER64_SIGNATURE then
begin
if (p + SizeOf(TDwarfCIEEntryHeader64.Signature) + SizeOf(TDwarfCIEEntryHeader64.Length) >= pe) or
(CIE64^.Length > pe - (p + SizeOf(TDwarfCIEEntryHeader64.Signature) + SizeOf(TDwarfCIEEntryHeader64.Length))) or
(CIE64^.Length <= SizeOf(TDwarfCIEEntryHeader64.CIEId))
then begin
debugln(FPDBG_DWARF_ERRORS, 'CFI data exceeds section length');
break; // exceeding the available data
end;
if CIE64^.CIEId = QWord($ffffffffffffffff) then
begin
// It is a CIE
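Review bot: The new guard at the `if (p + SizeOf(TDwarfCIEEntryHeader64.Signature) + ... >= pe) or (CIE64^.Length > ...)` lines only avoids dereferencing CIE64^.Length past pe because `or` short-circuits, so it silently depends on `{$B-}` / `{$BOOLEVAL OFF}` being in effect for this unit; the same holds for the 32-bit guard in the second hunk. Either pin that with a comment such as `// relies on short-circuit 'or': Length must not be read when the header itself does not fit in the section` or split the pointer check into its own `if` ahead of the Length comparisons, so a future compiler-option change cannot reintroduce the out-of-section read this commit fixes. The message 'CFI data exceeds section length' is also logged when Length <= SizeOf(CIEId), and in the second hunk when Length is in the reserved range, where the entry is too short or has a reserved value rather than running past the section; a distinct message per cause would make a corrupt or hostile object file easier to diagnose from the log. The comment on the reserved-range check in the second hunk also misspells "reserved". The enclosing while loop body continues past the end of this hunk.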
@ -4588,7 +4596,21 @@ begin
Inc(p, Length);
end
else
if CIE32^.Length = 0 then
begin
p := @CIE32^.CIEId;
end
else
begin
if (p + SizeOf(TDwarfCIEEntryHeader32.Length) >= pe) or
(CIE32^.Length > pe - (p + SizeOf(TDwarfCIEEntryHeader32.Length))) or
(CIE32^.Length <= SizeOf(TDwarfCIEEntryHeader32.CIEId)) or
(CIE32^.Length >= $fffffff0) // resered values / cannot handle
then begin
debugln(FPDBG_DWARF_ERRORS, 'CFI data exceeds section length');
break; // exceeding the available data
end;
if CIE32^.CIEId = $ffffffff then
begin
// It is a CIE