This is an archive of the discontinued LLVM Phabricator instance.

Differential D31485

Verify memory address range validity in GDBRemoteCommunicationClient
ClosedPublic

Authored by xiaobai on Mar 29 2017, 5:12 PM.

Details

Reviewers
k8stone
clayborg
labath
Commits
rG48d1427c30b7: Verify memory address range validity in GDBRemoteCommunicationClient
rLLDB299239: Verify memory address range validity in GDBRemoteCommunicationClient
rL299239: Verify memory address range validity in GDBRemoteCommunicationClient
Summary

This aims to verify the validity of the response from the debugging
server in GDBRemoteCommunicationClient::GetMemoryRegionInfo. I was
working with ds2 (https://github.com/facebook/ds2) and encountered a bug
that caused the server's response to have a 'size' value of 0, which
caused lldb to behave incorrectly.

Diff Detail

Event Timeline

xiaobai created this revision.Mar 29 2017, 5:12 PM
Harbormaster completed remote builds in B5164: Diff 93427.Mar 29 2017, 5:12 PM
sas added a reviewer: clayborg.Mar 29 2017, 10:38 PM
sas added a subscriber: clayborg.

Doing additional checking on the packets returned over the wire seems decent to me. CC'ing @clayborg to see what he thinks about it also.

labath edited edge metadata.Mar 30 2017, 8:43 AM

The additional check sounds fine. There's a test for this class in unittests/Process/gdb-remote/GDBRemoteCommunicationClientTest.cpp where you can add a test for this behavior.

clayborg requested changes to this revision.Mar 30 2017, 2:19 PM

Simple logic change so we don't check the range validity more than once.

source/Plugins/Process/gdb-remote/GDBRemoteCommunicationClient.cpp
1506–1510

Logic is fine, but I would work this into the if statement below. Something like:

if (region_info.GetRange().IsValid()) {
  if (!saw_permissions) {
    region_info.SetReadable(MemoryRegionInfo::eNo);
    region_info.SetWritable(MemoryRegionInfo::eNo);
    region_info.SetExecutable(MemoryRegionInfo::eNo);
    region_info.SetMapped(MemoryRegionInfo::eNo);
  }
} else {
  // We got an invalid address range back
  error.SetErrorString("Server returned invalid range");
}
This revision now requires changes to proceed.Mar 30 2017, 2:19 PM
xiaobai updated this revision to Diff 93566.Mar 30 2017, 4:51 PM
xiaobai edited edge metadata.

Added unit tests for the method and changed the logic according to clayborg's suggestion.

xiaobai marked an inline comment as done.Mar 30 2017, 4:52 PM
xiaobai added inline comments.
source/Plugins/Process/gdb-remote/GDBRemoteCommunicationClient.cpp
1506–1510

Thanks for pointing that out!

clayborg accepted this revision.Mar 30 2017, 6:31 PM

Looks good.

This revision is now accepted and ready to land.Mar 30 2017, 6:31 PM
labath accepted this revision.Mar 31 2017, 3:00 AM

Thank you for adding the test. Lgtm, assuming the second getmemoryregioninfo call is accidental.

unittests/Process/gdb-remote/GDBRemoteCommunicationClientTest.cpp
373

This seems out of place. Should we delete it?

xiaobai marked an inline comment as done.Mar 31 2017, 9:34 AM

I'll resubmit after removing the extra code in the test and get somebody to commit for me.

unittests/Process/gdb-remote/GDBRemoteCommunicationClientTest.cpp
373

Whoops! I was going to extend this test further but I decided not to in the end and forgot to remove this. Thanks for pointing it out.

xiaobai updated this revision to Diff 93674.Mar 31 2017, 9:40 AM

Removed extra code in unit test

Closed by commit rL299239: Verify memory address range validity in GDBRemoteCommunicationClient (authored by sas). · Explain WhyMar 31 2017, 11:13 AM
This revision was automatically updated to reflect the committed changes.

Revision Contents

PathSize
source/
Plugins/
Process/
gdb-remote/
19 lines
unittests/
Process/
gdb-remote/
43 lines

Diff 93566

source/Plugins/Process/gdb-remote/GDBRemoteCommunicationClient.cpp

Show First 20 LinesShow All 1,497 Lines▼ Show 20 Lines if (SendPacketAndWaitForResponse(packet, response, false) ==
StringExtractorGDBRemote error_extractor(value); StringExtractorGDBRemote error_extractor(value);
std::string error_string; std::string error_string;
// Now convert the HEX bytes into a string value // Now convert the HEX bytes into a string value
error_extractor.GetHexByteString(error_string); error_extractor.GetHexByteString(error_string);
error.SetErrorString(error_string.c_str()); error.SetErrorString(error_string.c_str());
} }
} }
if (region_info.GetRange().IsValid()) {
// We got a valid address range back but no permissions -- which means // We got a valid address range back but no permissions -- which means
// this is an unmapped page // this is an unmapped page
if (region_info.GetRange().IsValid() && saw_permissions == false) { if (!saw_permissions) {
region_info.SetReadable(MemoryRegionInfo::eNo); region_info.SetReadable(MemoryRegionInfo::eNo);
clayborgUnsubmitted
Done
ReplyInline Actions

Logic is fine, but I would work this into the if statement below. Something like:

if (region_info.GetRange().IsValid()) {
  if (!saw_permissions) {
    region_info.SetReadable(MemoryRegionInfo::eNo);
    region_info.SetWritable(MemoryRegionInfo::eNo);
    region_info.SetExecutable(MemoryRegionInfo::eNo);
    region_info.SetMapped(MemoryRegionInfo::eNo);
  }
} else {
  // We got an invalid address range back
  error.SetErrorString("Server returned invalid range");
}
clayborg: Logic is fine, but I would work this into the if statement below. Something like: ``` if…
xiaobaiAuthorUnsubmitted
Not Done
ReplyInline Actions

Thanks for pointing that out!

xiaobai: Thanks for pointing that out!
region_info.SetWritable(MemoryRegionInfo::eNo); region_info.SetWritable(MemoryRegionInfo::eNo);
region_info.SetExecutable(MemoryRegionInfo::eNo); region_info.SetExecutable(MemoryRegionInfo::eNo);
region_info.SetMapped(MemoryRegionInfo::eNo); region_info.SetMapped(MemoryRegionInfo::eNo);
} }
} else { } else {
// We got an invalid address range back
error.SetErrorString("Server returned invalid range");
}
} else {
m_supports_memory_region_info = eLazyBoolNo; m_supports_memory_region_info = eLazyBoolNo;
} }
} }
if (m_supports_memory_region_info == eLazyBoolNo) { if (m_supports_memory_region_info == eLazyBoolNo) {
error.SetErrorString("qMemoryRegionInfo is not supported"); error.SetErrorString("qMemoryRegionInfo is not supported");
} }
if (error.Fail()) if (error.Fail())
▲ Show 20 LinesShow All 2,139 LinesShow Last 20 Lines

unittests/Process/gdb-remote/GDBRemoteCommunicationClientTest.cpp

//===-- GDBRemoteCommunicationClientTest.cpp --------------------*- C++ -*-===// //===-- GDBRemoteCommunicationClientTest.cpp --------------------*- C++ -*-===//
// //
// The LLVM Compiler Infrastructure // The LLVM Compiler Infrastructure
// //
// This file is distributed under the University of Illinois Open Source // This file is distributed under the University of Illinois Open Source
// License. See LICENSE.TXT for details. // License. See LICENSE.TXT for details.
// //
//===----------------------------------------------------------------------===// //===----------------------------------------------------------------------===//
#include <future> #include <future>
#include "GDBRemoteTestUtils.h" #include "GDBRemoteTestUtils.h"
#include "Plugins/Process/gdb-remote/GDBRemoteCommunicationClient.h" #include "Plugins/Process/gdb-remote/GDBRemoteCommunicationClient.h"
#include "lldb/Core/ModuleSpec.h" #include "lldb/Core/ModuleSpec.h"
#include "lldb/Core/StructuredData.h" #include "lldb/Core/StructuredData.h"
#include "lldb/Target/MemoryRegionInfo.h"
#include "lldb/Utility/DataBuffer.h" #include "lldb/Utility/DataBuffer.h"
#include "llvm/ADT/ArrayRef.h" #include "llvm/ADT/ArrayRef.h"
using namespace lldb_private::process_gdb_remote; using namespace lldb_private::process_gdb_remote;
using namespace lldb_private; using namespace lldb_private;
using namespace lldb; using namespace lldb;
using namespace llvm; using namespace llvm;
▲ Show 20 LinesShow All 302 Lines▼ Show 20 LinesTEST_F(GDBRemoteCommunicationClientTest, SendSignalsToIgnore) {
result = std::async(std::launch::async, [&] { result = std::async(std::launch::async, [&] {
return client.SendSignalsToIgnore(std::vector<int32_t>()); return client.SendSignalsToIgnore(std::vector<int32_t>());
}); });
HandlePacket(server, "QPassSignals:", "OK"); HandlePacket(server, "QPassSignals:", "OK");
EXPECT_TRUE(result.get().Success()); EXPECT_TRUE(result.get().Success());
} }
TEST_F(GDBRemoteCommunicationClientTest, GetMemoryRegionInfo) {
TestClient client;
MockServer server;
Connect(client, server);
if (HasFailure())
return;
const lldb::addr_t addr = 0xa000;
MemoryRegionInfo region_info;
std::future<Error> result = std::async(std::launch::async, [&] {
return client.GetMemoryRegionInfo(addr, region_info);
});
// name is: /foo/bar.so
HandlePacket(server,
"qMemoryRegionInfo:a000",
"start:a000;size:2000;permissions:rx;name:2f666f6f2f6261722e736f;");
EXPECT_TRUE(result.get().Success());
}
TEST_F(GDBRemoteCommunicationClientTest, GetMemoryRegionInfoInvalidResponse) {
TestClient client;
MockServer server;
Connect(client, server);
if (HasFailure())
return;
const lldb::addr_t addr = 0x4000;
MemoryRegionInfo region_info;
std::future<Error> result = std::async(std::launch::async, [&] {
return client.GetMemoryRegionInfo(addr, region_info);
});
HandlePacket(server, "qMemoryRegionInfo:4000", "start:4000;size:0000;");
EXPECT_FALSE(result.get().Success());
result = std::async(std::launch::async, [&] {
labathUnsubmitted
Not Done
ReplyInline Actions

This seems out of place. Should we delete it?

labath: This seems out of place. Should we delete it?
xiaobaiAuthorUnsubmitted
Not Done
ReplyInline Actions

Whoops! I was going to extend this test further but I decided not to in the end and forgot to remove this. Thanks for pointing it out.

xiaobai: Whoops! I was going to extend this test further but I decided not to in the end and forgot to…
return client.GetMemoryRegionInfo(addr, region_info);
});
}