sys64738
/
blackmagic
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

gdb_main.c: fix buffer overflow on large reads 

When gdb issues a `m xx,200` command, the probe should respond with a
packet of size 2*0x200=1024 which is the size of the packet buffer.

However, the `hexify()` procedures writes 1025 bytes in the buffer.

During my tests, it caused the probe to hang when issuing a `dump`
command. Presumably by overwritting the `cur_target` variable.
This commit is contained in:
Laurent Bonnans 2015-12-14 11:02:48 +01:00
parent 2d7b24c566
commit c9d3cf71dd
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/gdb_main.c
View File

@ -41,7 +41,7 @@
#define ERROR_IF_NO_TARGET() \
if(!cur_target) { gdb_putpacketz("EFF"); break; }
static char pbuf[BUF_SIZE];
static char pbuf[BUF_SIZE+1];
static target *cur_target;
static target *last_target;