diff options
Diffstat (limited to 'cddl/contrib/opensolaris/tools/ctf/cvt/ctf.c')
-rw-r--r-- | cddl/contrib/opensolaris/tools/ctf/cvt/ctf.c | 13 |
1 files changed, 12 insertions, 1 deletions
diff --git a/cddl/contrib/opensolaris/tools/ctf/cvt/ctf.c b/cddl/contrib/opensolaris/tools/ctf/cvt/ctf.c index 77b49895a571..c8048c70e0b3 100644 --- a/cddl/contrib/opensolaris/tools/ctf/cvt/ctf.c +++ b/cddl/contrib/opensolaris/tools/ctf/cvt/ctf.c @@ -52,6 +52,8 @@ static char *curfile; #define CTF_BUF_CHUNK_SIZE (64 * 1024) #define RES_BUF_CHUNK_SIZE (64 * 1024) +static int ntypes=0; /* The number of types. */ + struct ctf_buf { strtab_t ctb_strtab; /* string table */ caddr_t ctb_base; /* pointer to base of buffer */ @@ -1143,6 +1145,10 @@ resurrect_types(ctf_header_t *h, tdata_t *td, tdesc_t **tdarr, int tdsize, (*mpp)->ml_type = tdarr[ctm->ctm_type]; (*mpp)->ml_offset = ctm->ctm_offset; (*mpp)->ml_size = 0; + if (ctm->ctm_type > ntypes) { + parseterminate("Invalid member type ctm_type=%d", + ctm->ctm_type); + } } } else { for (i = 0, mpp = &tdp->t_members; i < vlen; @@ -1159,6 +1165,10 @@ resurrect_types(ctf_header_t *h, tdata_t *td, tdesc_t **tdarr, int tdsize, (*mpp)->ml_offset = (int)CTF_LMEM_OFFSET(ctlm); (*mpp)->ml_size = 0; + if (ctlm->ctlm_type > ntypes) { + parseterminate("Invalid lmember type ctlm_type=%d", + ctlm->ctlm_type); + } } } @@ -1272,9 +1282,10 @@ ctf_parse(ctf_header_t *h, caddr_t buf, symit_data_t *si, char *label) { tdata_t *td = tdata_new(); tdesc_t **tdarr; - int ntypes = count_types(h, buf); int idx, i; + ntypes = count_types(h, buf); + /* shudder */ tdarr = xcalloc(sizeof (tdesc_t *) * (ntypes + 1)); tdarr[0] = NULL; |