From cb54bb8f0d61ce2afb138e0ac4c7d29188d88347 Mon Sep 17 00:00:00 2001
From: Laura Abbott <lauraa@codeaurora.org>
Date: Tue, 15 Apr 2014 19:00:36 -0700
Subject: [PATCH] linux-ramdump-parser-v2: Bounds check stackunwinding

The stack values may be bogus for a variety of reasons. Bounds
check these values and error out.

Change-Id: I646d7f6e8d2f0e03f0b36bc30d7b1bbaa604fc98
---
 linux-ramdump-parser-v2/ramdump.py | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/linux-ramdump-parser-v2/ramdump.py b/linux-ramdump-parser-v2/ramdump.py
index 71d89b9..169a795 100644
--- a/linux-ramdump-parser-v2/ramdump.py
+++ b/linux-ramdump-parser-v2/ramdump.py
@@ -109,6 +109,12 @@ class RamDump():
 
         def unwind_frame_generic64(self, frame, trace=False):
             fp = frame.fp
+            low = frame.sp
+            mask = (self.ramdump.thread_size) - 1
+            high = (low + mask) & (~mask)
+
+            if (fp < low or fp > high or fp & 0xf):
+                return
 
             frame.sp = fp + 0x10
             frame.fp = self.ramdump.read_word(fp)
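Review bot: The upper bound `fp > high` still accepts a frame pointer at or just below the top of the thread stack, so the `read_word(fp)` that follows (and any read at `fp + 8`, if the code outside the hunk does one) can land past the stack the check is meant to enforce. Since the code sets `frame.sp = fp + 0x10`, the frame record is at least 16 bytes, and the test should leave room for it: `if fp < low or fp > high - 0x10 or fp & 0xf:`. Separately, when `frame.sp` is already a multiple of `thread_size`, `high` equals `low` and only `fp == low` passes, which is worth a comment stating that this is intended. The bare `return` yields `None`; the function's other return paths are outside this hunk, but if callers compare the result numerically, an explicit error value such as `return -1` would be safer.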
-- 
GitLab