summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJosé Fonseca <[email protected]>2009-04-30 13:10:58 +0100
committerKeith Whitwell <[email protected]>2009-05-08 14:57:27 +0100
commitbe3f9dd26cf59cadc21e4d5cc27dd199c9752b1c (patch)
treee7ef76ab8b2e77ad1212ad2ca55322fa436141d1
parentf628d7f5eebe9743f85ea8edf7c09b32cf393e4a (diff)
util: Limit the stack walk to avoid referencing undefined memory.
-rw-r--r--src/gallium/auxiliary/util/u_debug_stack.c11
1 files changed, 10 insertions, 1 deletions
diff --git a/src/gallium/auxiliary/util/u_debug_stack.c b/src/gallium/auxiliary/util/u_debug_stack.c
index e9891fde8a3..528a1c394be 100644
--- a/src/gallium/auxiliary/util/u_debug_stack.c
+++ b/src/gallium/auxiliary/util/u_debug_stack.c
@@ -62,6 +62,8 @@ debug_backtrace_capture(struct debug_stack_frame *backtrace,
#ifdef PIPE_ARCH_X86
while(nr_frames) {
+ const void **next_frame_pointer;
+
if(!frame_pointer)
break;
@@ -72,7 +74,14 @@ debug_backtrace_capture(struct debug_stack_frame *backtrace,
--nr_frames;
}
- frame_pointer = (const void **)frame_pointer[0];
+ next_frame_pointer = (const void **)frame_pointer[0];
+
+ /* Limit the stack walk to avoid referencing undefined memory */
+ if((uintptr_t)next_frame_pointer <= (uintptr_t)frame_pointer ||
+ (uintptr_t)next_frame_pointer > (uintptr_t)frame_pointer + 64*1024)
+ break;
+
+ frame_pointer = next_frame_pointer;
}
#endif