diff options
author | Mark Wielaard <mark@klomp.org> | 2020-04-26 02:10:41 +0200 |
---|---|---|
committer | Mark Wielaard <mark@klomp.org> | 2020-04-26 02:37:16 +0200 |
commit | a894c63dba7019ceb8f6aa2c3cdcef519c65c92d (patch) | |
tree | c386c6ea98fb3c382d3cc523eb364e1ac4442ea0 /libdwfl | |
parent | 5436c7529dd9b24f62e3df10e30d5da53da16efd (diff) | |
download | elfutils-a894c63dba7019ceb8f6aa2c3cdcef519c65c92d.tar.gz |
libdwfl: Fix double free on failure path in gzip.c.
GCC10 -fanalyzer found a double free when openstream failed. When
openstream fails __libdw_gunzip will call fail, which frees the
state->buffer. But openstream can call zlib_fail, which will also
call fail. Instead of calling zlib_fail, just return the error
that zlib_fail would have returned.
Signed-off-by: Mark Wielaard <mark@klomp.org>
Diffstat (limited to 'libdwfl')
-rw-r--r-- | libdwfl/ChangeLog | 5 | ||||
-rw-r--r-- | libdwfl/gzip.c | 2 |
2 files changed, 6 insertions, 1 deletions
diff --git a/libdwfl/ChangeLog b/libdwfl/ChangeLog index 4ddc9ad4..daedaed8 100644 --- a/libdwfl/ChangeLog +++ b/libdwfl/ChangeLog @@ -1,3 +1,8 @@ +2020-04-25 Mark Wielaard <mark@klomp.org> + + * gzip.c (open_stream): Return DWFL_E_NOMEM instead of calling + zlib_fail. + 2020-04-16 Mark Wielaard <mark@klomp.org> * find-debuginfo.c (dwfl_standard_find_debuginfo): Initialize bits diff --git a/libdwfl/gzip.c b/libdwfl/gzip.c index 043d0b6e..e9988cc2 100644 --- a/libdwfl/gzip.c +++ b/libdwfl/gzip.c @@ -153,7 +153,7 @@ open_stream (int fd, off_t start_offset, struct unzip_state *state) if (unlikely (state->zf == NULL)) { close (d); - return zlib_fail (state, Z (MEM_ERROR)); + return DWFL_E_NOMEM; } /* From here on, zlib will close D. */ |