author | Mark Wielaard <mjw@redhat.com> | 2009-10-20 17:08:57 +0200 |
committer | Mark Wielaard <mjw@redhat.com> | 2009-10-20 17:08:57 +0200 |
commit | bc0b26aa958253192328bc4084ba367536fb4842 (patch) | |
tree | 2a956d3407fd464da16c8785a33e3bb750edff2f | |
parent | 1adb61a4e1313b178f2db7d5ce766a505c073a24 (diff) | |
Limit the number of call frame instructions we process in the unwinder.
* runtime/unwind.c (processCFI): Fail if the number of instructions is
larger than MAX_CFI (currently 512).
-rw-r--r-- | runtime/unwind.c | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/runtime/unwind.c b/runtime/unwind.c
index 0e95ba08..7607770e 100644
--- a/runtime/unwind.c
+++ b/runtime/unwind.c
@@ -278,6 +278,10 @@ static void set_rule(uleb128_t reg, enum item_location where, uleb128_t value, s
 }
 }
 
+/* Limit the number of instructions we process. Arbitrary limit.
+ 512 should be enough for anybody... */
+#define MAX_CFI 512
+
 static int processCFI(const u8 *start, const u8 *end, unsigned long targetLoc, signed ptrType, struct unwind_state *state)
 {
 union {
@@ -287,6 +291,9 @@ static int processCFI(const u8 *start, const u8 *end, unsigned long targetLoc, s
 } ptr;
 int result = 1;
 
+if (end - start > MAX_CFI)
+return 0;
+
 dbug_unwind(1, "targetLoc=%lx state->loc=%lx\n", targetLoc, state->loc);
 if (start != state->cieStart) {
 state->loc = state->org;
 |
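Review bot: The new guard at the top of processCFI bounds the byte length of the CFI program rather than the instruction count that the MAX_CFI comment and the commit message describe, and it does not reject an inverted range: `end - start` is a signed pointer difference, so a malformed CIE/FDE with `end < start` produces a negative value that passes `> MAX_CFI` and reaches the parsing loop below. Unless the callers are already known to validate `start <= end` (not visible in this hunk), I would widen the check to `if (end < start || end - start > MAX_CFI) return 0;` and reword the comment to say what is actually limited: `/* Reject CFI programs longer than MAX_CFI bytes; every CFA instruction is at least one byte, so this also caps the instruction count. Arbitrary limit. */`. The limit itself is sound as a denial-of-service bound for that reason, which matters if the frame data can come from untrusted modules. processCFI's body continues past the end of this hunk.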