In ParseCompilationUnit, line 579 / trunk (from within the last 7 days):
        extended_opcode_length := ReadULEB128();
....
            for i := 0 to extended_opcode_length-2 do
               ReadNext();

I have a case where that goes wrong. The length is well over 1 million (obviously wrong). In the loop there is no check if "ReadNext" has failed. So it fails over a million times (or it keeps one of my CPU cores busy for a long, long time...).

I propose to add 2 checks, for the result of "ReadNext".
Exit should be safe, as the var param "found" must be false in both cases. But if it is preferred, then the code could be modified to set a flag (in the for loop), and then "break" the while loop.


Index: rtl/inc/lnfodwrf.pp
===================================================================
--- rtl/inc/lnfodwrf.pp    (revision 25146)
+++ rtl/inc/lnfodwrf.pp    (working copy)
@@ -579,6 +579,9 @@
         extended_opcode_length := ReadULEB128();
         extended_opcode := ReadNext();
         case (extended_opcode) of
+          -1: begin
+            exit;
+          end;
           DW_LNE_END_SEQUENCE : begin
             state.end_sequence := true;
             state.append_row := true;
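Review bot: the new `-1:` arm in `case (extended_opcode) of` uses a bare literal for the ReadNext failure value next to named labels such as DW_LNE_END_SEQUENCE. A named constant or a one-line comment would make it clear this arm is the read-failure path, and it is worth confirming that extended_opcode is declared with a signed type, since otherwise the arm can never match. Note also that extended_opcode_length from ReadULEB128() on the first context line is still used without any check in this hunk.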
@@ -598,7 +601,8 @@
           else begin
DEBUG_WRITELN('Unknown extended opcode (opcode ', extended_opcode, ' length ', extended_opcode_length, ')');
             for i := 0 to extended_opcode_length-2 do
-              ReadNext();
+              if ReadNext() = -1 then
+                exit;
           end;
         end;
       end;
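Review bot: in the `for i := 0 to extended_opcode_length-2` loop, the added `if ReadNext() = -1 then exit;` only stops the loop once the data has run out, so the loop bound is still taken from the file unchecked. Comparing extended_opcode_length against the bytes remaining before entering the loop would reject the bad length up front, and the same check should cover a length below 2. The exit path is also silent, while the branch already has a DEBUG_WRITELN for the unknown opcode; a debug line on the failure exit would show that parsing stopped on malformed data.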
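The failure described in the message, worked through as an added example that is not code from lnfodwrf.pp or from the poster: the declared length is checked against the bytes remaining before anything is skipped, which goes one step beyond the per-byte check in the patch. The `TReader` record, `SkipOperands`, the function signatures and the sample bytes are assumptions made for this sketch.

```pascal
program SkipExtendedOpcode;
{$mode objfpc}
{ Added example; the reader type and the sample bytes are constructed. }
type
  TReader = record
    Data: PByte;
    Size, Pos: SizeInt;
  end;
const
  { ULEB128 length $FFFFF, unknown opcode $80, then only two data bytes. }
  Sample: array[0..5] of Byte = ($FF, $FF, $3F, $80, $AA, $BB);

{ Returns the next byte, or -1 once the data is exhausted. }
function ReadNext(var R: TReader): LongInt;
begin
  if R.Pos >= R.Size then Exit(-1);
  Result := R.Data[R.Pos];
  Inc(R.Pos);
end;

{ Decodes an unsigned LEB128 value; False on truncated or over-long input. }
function ReadULEB128(var R: TReader; out Value: QWord): Boolean;
var
  Shift, B: LongInt;
begin
  Value := 0;
  Shift := 0;
  repeat
    B := ReadNext(R);
    if (B = -1) or (Shift > 63) then
      Exit(False);
    Value := Value or (QWord(B and $7F) shl Shift);
    Inc(Shift, 7);
  until (B and $80) = 0;
  Result := True;
end;

{ OpLength counts the opcode byte (already read) plus its operands. }
function SkipOperands(var R: TReader; OpLength: QWord): Boolean;
begin
  Result := (OpLength >= 1) and (OpLength - 1 <= QWord(R.Size - R.Pos));
  if Result then
    Inc(R.Pos, SizeInt(OpLength - 1));
end;

var R: TReader; Len: QWord;
begin
  R.Data := @Sample[0]; R.Size := Length(Sample); R.Pos := 0;
  if ReadULEB128(R, Len) and (ReadNext(R) <> -1) and SkipOperands(R, Len) then
    WriteLn('operands skipped, offset now ', R.Pos)
  else
    WriteLn('malformed extended opcode, declared length ', Len);
end.
```

With the constructed sample, the declared length decodes to 1048575 while only two bytes remain, so the skip is refused in a single comparison instead of a million failed reads.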
