This is the mail archive of the elfutils-devel@sourceware.org mailing list for the elfutils project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

[PATCH] libdw: Fix bad free on invalid data in dwarf_getsrclines.c.


If the last dir name wasn't zero terminated we goto invalid_data
and might free the wrong data because we believe ndirlist is valid.
Don't update ndirlist until we are sure we will use all dirs.

Signed-off-by: Mark Wielaard <mjw@redhat.com>
---
 libdw/ChangeLog           | 5 +++++
 libdw/dwarf_getsrclines.c | 6 ++++--
 2 files changed, 9 insertions(+), 2 deletions(-)

diff --git a/libdw/ChangeLog b/libdw/ChangeLog
index fc80e8d..36c332a 100644
--- a/libdw/ChangeLog
+++ b/libdw/ChangeLog
@@ -1,3 +1,8 @@
+2016-02-13  Mark Wielaard  <mjw@redhat.com>
+
+	* dwarf_getsrclines.c (read_srclines): Calculate ndirs first, then
+	assign to ndirlist.
+
 2015-12-18  Mark Wielaard  <mjw@redhat.com>
 
 	* libdwP.h (struct Dwarf): Remove sectiondata_gzip_mask.
diff --git a/libdw/dwarf_getsrclines.c b/libdw/dwarf_getsrclines.c
index dd1b3c1..d02c38d 100644
--- a/libdw/dwarf_getsrclines.c
+++ b/libdw/dwarf_getsrclines.c
@@ -1,5 +1,5 @@
 /* Return line number information of CU.
-   Copyright (C) 2004-2010, 2013, 2014, 2015 Red Hat, Inc.
+   Copyright (C) 2004-2010, 2013, 2014, 2015, 2016 Red Hat, Inc.
    This file is part of elfutils.
    Written by Ulrich Drepper <drepper@redhat.com>, 2004.
 
@@ -288,14 +288,16 @@ read_srclines (Dwarf *dbg,
 
   /* First count the entries.  */
   const unsigned char *dirp = linep;
+  unsigned int ndirs = 0;
   while (*dirp != 0)
     {
       uint8_t *endp = memchr (dirp, '\0', lineendp - dirp);
       if (endp == NULL)
 	goto invalid_data;
-      ++ndirlist;
+      ++ndirs;
       dirp = endp + 1;
     }
+  ndirlist += ndirs;
 
   /* Arrange the list in array form.  */
   if (ndirlist >= MAX_STACK_DIRS)
-- 
2.5.0

Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]