diff options
| author | Joel Brobecker <brobecker@gnat.com> | 2012-11-26 17:41:42 +0000 |
|---|---|---|
| committer | Joel Brobecker <brobecker@gnat.com> | 2012-11-26 17:41:42 +0000 |
| commit | 0b48a6d936c01e813f4fc842aae6d6500e7a9cdf (patch) | |
| tree | 5b799f7ecc0f7b3a6a23d9dcf519aa61cedb1fbe /gdb/exec.c | |
| parent | 77be3edd8c16c3debecfe5e177be2c1706250097 (diff) | |
| download | gdb-0b48a6d936c01e813f4fc842aae6d6500e7a9cdf.tar.gz | |
Do not crash when calling GDB with empty executable name.
% gdb -q ''
... or ...
% gdb -q
(gdb) file ''
... both cause GDB to crash with an invalid free. This is because
exec_file_attach is attempting to free a string that has not been
allocated. The string is only allocated if openp is successful.
But in the case of this obviously invalid filename, openp fails,
and leaves scratch_pathname uninitialized, thus causing the xfree
to fail.
The fix is to enable the associated cleanup after we have verified
that openp was successful.
gdb/ChangeLog (By Keith Seitz <keiths@redhat.com>):
* exec.c (exec_file_attach): Move cleanup after verifying that
memory has in fact been allocated.
gdb/testsuite/ChangeLog:
* gdb.base/empty_exe.exp: New testcase.
Diffstat (limited to 'gdb/exec.c')
| -rw-r--r-- | gdb/exec.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/gdb/exec.c b/gdb/exec.c index 615d5c097ed..21d3c3c4c5b 100644 --- a/gdb/exec.c +++ b/gdb/exec.c @@ -225,11 +225,11 @@ exec_file_attach (char *filename, int from_tty) &scratch_pathname); } #endif + if (scratch_chan < 0) + perror_with_name (filename); cleanups = make_cleanup (xfree, scratch_pathname); - if (scratch_chan < 0) - perror_with_name (filename); if (write_files) exec_bfd = gdb_bfd_fopen (scratch_pathname, gnutarget, FOPEN_RUB, scratch_chan); |