dbghelp: Harden inspection of Dwarf line number information.

Signed-off-by: Eric Pouech <eric.pouech@gmail.com> Signed-off-by: Alexandre Julliard <julliard@winehq.org>

dbghelp: Harden inspection of Dwarf line number information.
ebff1e8c · Eric Pouech · Alexandre Julliard · 0b84fa05 · ebff1e8c · ebff1e8c
Commit ebff1e8c authored Sep 02, 2021 by Eric Pouech Committed by Alexandre Julliard Sep 03, 2021
Hide whitespace changes
Inline Side-by-side

Showing with 5 additions and 4 deletions

dwarf.c dlls/dbghelp/dwarf.c +4 -3

source.c dlls/dbghelp/source.c +1 -1

No files found.
--- a/dlls/dbghelp/dwarf.c
+++ b/dlls/dbghelp/dwarf.c
@@ -2190,6 +2190,7 @@ static BOOL dwarf2_parse_line_numbers(const dwarf2_section_t* sections,
    p = vector_add(&dirs, &ctx->pool);
    *p = compile_dir ? compile_dir : ".";
    while (*traverse.data)
+    while (traverse.data < traverse.end_data && *traverse.data)
    {
        const char*  rel = (const char*)traverse.data;
        unsigned     rellen = strlen(rel);
@@ -2205,7 +2206,7 @@ static BOOL dwarf2_parse_line_numbers(const dwarf2_section_t* sections,
           unsigned  baselen = strlen(compile_dir);
           char*     tmp = pool_alloc(&ctx->pool, baselen + 1 + rellen + 1);
           strcpy(tmp, compile_dir);
-           if (tmp[baselen - 1] != '/') tmp[baselen++] = '/';
+           if (baselen && tmp[baselen - 1] != '/') tmp[baselen++] = '/';
           strcpy(&tmp[baselen], rel);
           *p = tmp;
        }
@@ -2214,7 +2215,7 @@ static BOOL dwarf2_parse_line_numbers(const dwarf2_section_t* sections,
    traverse.data++;

    vector_init(&files, sizeof(unsigned), 16);
-    while (*traverse.data)
+    while (traverse.data < traverse.end_data && *traverse.data)
    {
        unsigned int    dir_index, mod_time;
        const char*     name;
@@ -2233,7 +2234,7 @@ static BOOL dwarf2_parse_line_numbers(const dwarf2_section_t* sections,
    }
    traverse.data++;

-    while (traverse.data < traverse.end_data)
+    while (traverse.data < traverse.end_data && *traverse.data)
    {
        ULONG_PTR address = 0;
        unsigned file = 1;

--- a/dlls/dbghelp/source.c
+++ b/dlls/dbghelp/source.c
@@ -78,7 +78,7 @@ unsigned source_new(struct module* module, const char* base, const char* name)
        if (!tmp) return ret;
        full = tmp;
        strcpy(tmp, base);
-        if (tmp[bsz - 1] != '/') tmp[bsz++] = '/';
+        if (bsz && tmp[bsz - 1] != '/') tmp[bsz++] = '/';
        strcpy(&tmp[bsz], name);
    }
    rb_module = module;