aboutsummaryrefslogtreecommitdiff
path: root/cddl/contrib/opensolaris/tools/ctf/cvt/ctf.c
diff options
context:
space:
mode:
Diffstat (limited to 'cddl/contrib/opensolaris/tools/ctf/cvt/ctf.c')
-rw-r--r--cddl/contrib/opensolaris/tools/ctf/cvt/ctf.c27
1 files changed, 21 insertions, 6 deletions
diff --git a/cddl/contrib/opensolaris/tools/ctf/cvt/ctf.c b/cddl/contrib/opensolaris/tools/ctf/cvt/ctf.c
index d95dd1db1653..e3ec1e1bf0cf 100644
--- a/cddl/contrib/opensolaris/tools/ctf/cvt/ctf.c
+++ b/cddl/contrib/opensolaris/tools/ctf/cvt/ctf.c
@@ -19,12 +19,10 @@
* CDDL HEADER END
*/
/*
- * Copyright 2006 Sun Microsystems, Inc. All rights reserved.
+ * Copyright 2009 Sun Microsystems, Inc. All rights reserved.
* Use is subject to license terms.
*/
-#pragma ident "%Z%%M% %I% %E% SMI"
-
/*
* Create and parse buffers containing CTF data.
*/
@@ -174,6 +172,12 @@ write_functions(iidesc_t *idp, ctf_buf_t *b)
}
nargs = idp->ii_nargs + (idp->ii_vargs != 0);
+
+ if (nargs > CTF_MAX_VLEN) {
+ terminate("function %s has too many args: %d > %d\n",
+ idp->ii_name, nargs, CTF_MAX_VLEN);
+ }
+
fdata[0] = CTF_TYPE_INFO(CTF_K_FUNCTION, 1, nargs);
fdata[1] = idp->ii_dtype->t_id;
ctf_buf_write(b, fdata, sizeof (fdata));
@@ -316,6 +320,11 @@ write_type(void *arg1, void *arg2)
for (i = 0, mp = tp->t_members; mp != NULL; mp = mp->ml_next)
i++; /* count up struct or union members */
+ if (i > CTF_MAX_VLEN) {
+ terminate("sou %s has too many members: %d > %d\n",
+ tdesc_name(tp), i, CTF_MAX_VLEN);
+ }
+
if (tp->t_type == STRUCT)
ctt.ctt_info = CTF_TYPE_INFO(CTF_K_STRUCT, isroot, i);
else
@@ -398,8 +407,14 @@ write_type(void *arg1, void *arg2)
break;
case FUNCTION:
- ctt.ctt_info = CTF_TYPE_INFO(CTF_K_FUNCTION, isroot,
- tp->t_fndef->fn_nargs + tp->t_fndef->fn_vargs);
+ i = tp->t_fndef->fn_nargs + tp->t_fndef->fn_vargs;
+
+ if (i > CTF_MAX_VLEN) {
+ terminate("function %s has too many args: %d > %d\n",
+ i, CTF_MAX_VLEN);
+ }
+
+ ctt.ctt_info = CTF_TYPE_INFO(CTF_K_FUNCTION, isroot, i);
ctt.ctt_type = tp->t_fndef->fn_ret->t_id;
write_unsized_type_rec(b, &ctt);
@@ -938,7 +953,7 @@ resurrect_types(ctf_header_t *h, tdata_t *td, tdesc_t **tdarr, int tdsize,
if (CTF_NAME_STID(ctt->ctt_name) != CTF_STRTAB_0)
parseterminate(
- "Unable to cope with non-zero strtab id");
+ "Unable to cope with non-zero strtab id");
if (CTF_NAME_OFFSET(ctt->ctt_name) != 0) {
tdp->t_name =
xstrdup(sbuf + CTF_NAME_OFFSET(ctt->ctt_name));
generated by cgit v1.2.3 (git 2.25.1) at 2024-04-19 06:02:32 +0000