diff options
| author | Alan Modra <amodra@gmail.com> | 2020-05-19 12:58:59 +0930 |
|---|---|---|
| committer | Alan Modra <amodra@gmail.com> | 2020-05-20 11:43:50 +0930 |
| commit | 7b958a48e1322880f23cdb0a1c35643dd27d3ddb (patch) | |
| tree | f22ca3f8b85ab4a5d371c465a899700a4989209f /gdb/symfile-mem.c | |
| parent | 84f800117f075b78932d3abdc0a09421bb9d2657 (diff) | |
| download | binutils-gdb-7b958a48e1322880f23cdb0a1c35643dd27d3ddb.tar.gz | |
PR25993, read of freed memory
ldmain.c:add_archive_element copies file name pointers from the bfd to
a lang_input_statement_type.
input->filename = abfd->filename;
input->local_sym_name = abfd->filename;
This results in stale pointers when twiddling the bfd filename in
places like the pe ld after_open. So don't free the bfd filename,
and make copies using bfd_alloc memory that won't result in small
memory leaks that annoy memory checkers.
PR 25993
bfd/
* archive.c (_bfd_get_elt_at_filepos): Don't strdup filename,
use bfd_set_filename.
* elfcode.h (_bfd_elf_bfd_from_remote_memory): Likewise.
* mach-o.c (bfd_mach_o_fat_member_init): Likewise.
* opncls.c (bfd_fopen, bfd_openstreamr, bfd_openr_iovec, bfd_openw),
(bfd_create): Likewise.
(_bfd_delete_bfd): Don't free filename.
(bfd_set_filename): Copy filename param to bfd_alloc'd memory,
return pointer to the copy or NULL on alloc fail.
* vms-lib.c (_bfd_vms_lib_get_module): Free newname and test
result of bfd_set_filename.
* bfd-in2.h: Regenerate.
gdb/
* solib-darwin.c (darwin_bfd_open): Don't strdup pathname for
bfd_set_filename.
* solib-aix.c (solib_aix_bfd_open): Use std::string for name
passed to bfd_set_filename.
* symfile-mem.c (add_vsyscall_page): Likewise for string
passed to symbol_file_add_from_memory.
(symbol_file_add_from_memory): Make name param a const char* and
don't strdup.
ld/
* emultempl/pe.em (gld_${EMULATION_NAME}_after_open): Don't copy
other_bfd_filename for bfd_set_filename, and test result of
bfd_set_filename call. Don't create a new is->filename, simply
copy from bfd filename. Free new_name after bfd_set_filename.
* emultempl/pep.em (gld_${EMULATION_NAME}_after_open): Likewise.
Diffstat (limited to 'gdb/symfile-mem.c')
| -rw-r--r-- | gdb/symfile-mem.c | 14 |
1 files changed, 7 insertions, 7 deletions
diff --git a/gdb/symfile-mem.c b/gdb/symfile-mem.c index e2d2e43d7fa..78096fcbae1 100644 --- a/gdb/symfile-mem.c +++ b/gdb/symfile-mem.c @@ -78,11 +78,10 @@ target_read_memory_bfd (bfd_vma memaddr, bfd_byte *myaddr, bfd_size_type len) and read its in-core symbols out of inferior memory. SIZE, if non-zero, is the known size of the object. TEMPL is a bfd representing the target's format. NAME is the name to use for this - symbol file in messages; it can be NULL or a malloc-allocated string - which will be attached to the BFD. */ + symbol file in messages; it can be NULL. */ static struct objfile * symbol_file_add_from_memory (struct bfd *templ, CORE_ADDR addr, - size_t size, char *name, int from_tty) + size_t size, const char *name, int from_tty) { struct objfile *objf; struct bfd *nbfd; @@ -102,7 +101,7 @@ symbol_file_add_from_memory (struct bfd *templ, CORE_ADDR addr, gdb_bfd_ref_ptr nbfd_holder = gdb_bfd_ref_ptr::new_reference (nbfd); if (name == NULL) - name = xstrdup ("shared object read from target memory"); + name = "shared object read from target memory"; bfd_set_filename (nbfd, name); if (!bfd_check_format (nbfd, bfd_object)) @@ -183,8 +182,9 @@ add_vsyscall_page (struct target_ops *target, int from_tty) return; } - char *name = xstrprintf ("system-supplied DSO at %s", - paddress (target_gdbarch (), vsyscall_range.start)); + std::string name = string_printf ("system-supplied DSO at %s", + paddress (target_gdbarch (), + vsyscall_range.start)); try { /* Pass zero for FROM_TTY, because the action of loading the @@ -193,7 +193,7 @@ add_vsyscall_page (struct target_ops *target, int from_tty) symbol_file_add_from_memory (bfd, vsyscall_range.start, vsyscall_range.length, - name, + name.c_str (), 0 /* from_tty */); } catch (const gdb_exception &ex) |