[Lldb-commits] [lldb] 09e0f1e - [LLDB]Fix buffer-over-flow bug introduced in 157170 (#159588)

via lldb-commits lldb-commits at lists.llvm.org
Thu Sep 18 07:43:46 PDT 2025


Author: Vy Nguyen
Date: 2025-09-18T10:43:42-04:00
New Revision: 09e0f1e035b348e2cd694e5f4b943a78cb6ad639

URL: https://github.com/llvm/llvm-project/commit/09e0f1e035b348e2cd694e5f4b943a78cb6ad639
DIFF: https://github.com/llvm/llvm-project/commit/09e0f1e035b348e2cd694e5f4b943a78cb6ad639.diff

LOG: [LLDB]Fix buffer-over-flow bug introduced in 157170 (#159588)

If `pr_name` is longer than 16, it would be a non-null terminated
string. Assigning it to `std::string m_executable_name` would cause an
overflow read. Instead, just copy the name from thread_data.name.

To repro, run the `elf-core/TestLinuxCore.py` with asan
(Question: why is the new variable needed in the first place? can't the
thread_data.name be used?)

Added: 
    

Modified: 
    lldb/source/Plugins/Process/elf-core/ProcessElfCore.cpp

Removed: 
    


################################################################################
diff  --git a/lldb/source/Plugins/Process/elf-core/ProcessElfCore.cpp b/lldb/source/Plugins/Process/elf-core/ProcessElfCore.cpp
index 8f5f1242116f5..38bf13543c617 100644
--- a/lldb/source/Plugins/Process/elf-core/ProcessElfCore.cpp
+++ b/lldb/source/Plugins/Process/elf-core/ProcessElfCore.cpp
@@ -952,7 +952,7 @@ llvm::Error ProcessElfCore::parseLinuxNotes(llvm::ArrayRef<CoreNote> notes) {
         return status.ToError();
       thread_data.name.assign (prpsinfo.pr_fname, strnlen (prpsinfo.pr_fname, sizeof (prpsinfo.pr_fname)));
       SetID(prpsinfo.pr_pid);
-      m_executable_name = prpsinfo.pr_fname;
+      m_executable_name = thread_data.name;
       break;
     }
     case ELF::NT_SIGINFO: {
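Review bot: The replacement line `m_executable_name = thread_data.name;` carries no comment explaining why `prpsinfo.pr_fname` must not be assigned directly, so a later cleanup could restore the unbounded read. The assignment is only safe because the line above it bounds the copy with `strnlen (prpsinfo.pr_fname, sizeof (prpsinfo.pr_fname))`. A one-line comment stating that `pr_fname` may fill its whole field with no terminating NUL would make that dependency explicit. The patch also touches only ProcessElfCore.cpp, and the commit message says the failure reproduces only when `elf-core/TestLinuxCore.py` runs under ASan; it would help to confirm that test exercises a core file whose name fills the field, so the fix is covered wherever the suite runs with sanitizers. The question in the commit message about whether `m_executable_name` is needed at all is still open and worth settling in a follow-up, since two copies of the same string can drift apart.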


        

