We do not know anything about the symbols we are being asked to demangle; it is entirely possible they are malformed, or that we parse them incorrectly, which previously led to buffer overflows. E.g. the "2","8" in "SetTo__Q28_GLOBAL_" is presently incorrectly parsed as a length, leading to an access 21 bytes past the end of the string.

This caused a page fault under the guarded heap, a fact I had the misfortune to discover when trying to attach Debugger to a guarded-heap'd application which somehow ran the demangler under the guarded heap also, and that symbol above was in runtime_loader, so it crashed while loading its symbols.

So now we do what the GCC3+ demangler does here, and keep track of the input buffer through the use of a state class, which will prevent us from incrementing past the buffer's end.

I've tested this patch using the new haikuc++filt utility against libtracker (indeed, it took multiple rounds of testing to get the diff to be 0 bytes) and it seems to work exactly as before, though now without out-of-bounds accesses.

As this demangler is also used in the kernel, it's possible that some triple-faults on x86_gcc2[h] are caused by this bug (although that would be rare; one of the incorrectly-parsed symbols would have to be in the stack trace, and then it would have to read past the end of the buffer containing the symbol.)

Change-Id: I343991cebd7d2887812c8c6b3dc2e0df2fcd79fa
Reviewed-on: https://review.haiku-os.org/579
Reviewed-by: waddlesplash <waddlesplash@gmail.com>
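The defect class described in the message, shown as an added example that is not Haiku's demangler code: a bounded input cursor in the spirit of the state class the commit introduces, applied to the length-prefix step only (the rest of the GCC2 mangling grammar is not reproduced). The `Input` class, `unboundedOverrun` and `boundedIdentifierAt` are hypothetical names chosen for this illustration; the mangled name is the one quoted above.

```cpp
#include <cctype>
#include <cstddef>
#include <cstdint>
#include <string>

// Bounded cursor over a mangled name: every advance is checked against fEnd,
// so a bogus declared length can fail the parse but never read past the buffer.
class Input {
public:
    Input(const char* str, size_t len) : fCurrent(str), fEnd(str + len) {}
    size_t remaining() const { return fEnd - fCurrent; }
    bool peek(char& c) const { if (fCurrent == fEnd) return false; c = *fCurrent; return true; }
    // Parse a decimal number; fails on no digits or on overflow.
    bool readNumber(size_t& value) {
        char c;
        if (!peek(c) || c < '0' || c > '9') return false;
        value = 0;
        while (peek(c) && c >= '0' && c <= '9') {
            if (value > (SIZE_MAX - 9) / 10) return false;
            value = value * 10 + (c - '0');
            fCurrent++;
        }
        return true;
    }
    // Parse a length-prefixed identifier ("8_GLOBAL_" -> "_GLOBAL_"), refusing
    // any declared length that exceeds what is left in the buffer.
    bool readIdentifier(std::string& out) {
        size_t len;
        if (!readNumber(len) || len == 0 || len > remaining()) return false;
        out.assign(fCurrent, len);
        fCurrent += len;
        return true;
    }
private:
    const char* fCurrent;
    const char* fEnd;
};

// The old behaviour expressed as arithmetic instead of an actual out-of-bounds
// read: treat the digits at `pos` as a length and report how many bytes past
// the end of `sym` the copy would reach (0 if it fits, -1 if no digits).
long unboundedOverrun(const std::string& sym, size_t pos) {
    size_t i = pos, len = 0;
    if (i >= sym.size() || !isdigit((unsigned char)sym[i])) return -1;
    while (i < sym.size() && isdigit((unsigned char)sym[i]))
        len = len * 10 + (sym[i++] - '0');
    size_t endOfRead = i + len;
    return endOfRead > sym.size() ? (long)(endOfRead - sym.size()) : 0;
}

// Bounded parse of the identifier at `pos`; empty string means rejected.
std::string boundedIdentifierAt(const std::string& sym, size_t pos) {
    std::string out;
    Input in(sym.c_str() + pos, sym.size() - pos);
    return in.readIdentifier(out) ? out : std::string();
}
```

On "SetTo__Q28_GLOBAL_" the digits at offset 8 ("28") belong to the `Q` count plus the real length; read as a single length they reach well past the 18-byte string, and the bounded reader rejects them, while starting at offset 9 it yields "_GLOBAL_".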
Haiku
Homepage | Mailing Lists | IRC Channels | Issue Tracker | API docs
Haiku is an open-source operating system that specifically targets personal computing. Inspired by the BeOS, Haiku is fast, simple to use, easy to learn and yet very powerful.
Goals
- Sensible defaults with minimal configuration required.
- Clean, clear, concise code.
- Unified desktop environment.
Trying Haiku
Haiku provides pre-built nightly images and release images. Haiku is compatible with a large variety of hardware, but in case you don't want to "take the plunge" and install Haiku on bare metal, you can install it on a virtual machine (VM) instead. If you've never used a VM before, you can follow one of the "Emulating Haiku" guides.
Compiling Haiku
See ReadMe.Compiling.
Contributing
Haiku is a meritocratic open source project with a large variety of tasks. Even if you can't write code, you can still help! Haiku needs designers, (technical) writers, translators, testers... Get involved and help out!
Contributing code
If you're submitting a patch to us, please make sure you're following the patch submitting guidelines.
If you're having trouble finding something in the source tree, you can use one of our OpenGrok servers:
- http://xref.plausible.coop/ (provided by Landon Fuller)
- http://code.metager.de/source/xref/haiku (provided by MetaGer)
Contributing documentation
The main piece of documentation that still needs work is the API docs (found in the tree at docs/user). Just find an undocumented class, write documentation for it, and submit a patch.
Contributing translations
See wiki:i18n.
Contributing software ports
See HaikuPorts.
Contributing to our infrastructure
See Infrastructure.