[binutils-gdb] libctf: fix use-after-free in function dumping
Jose E.Marchesi
jemarch@sourceware.org
Tue Jun 4 16:12:00 GMT 2019
https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=941accce38bc70a23c62e3c9439b67bf23298124
commit 941accce38bc70a23c62e3c9439b67bf23298124
Author: Nick Alcock <nick.alcock@oracle.com>
Date: Mon Jun 3 20:26:02 2019 +0100
libctf: fix use-after-free in function dumping
This is actually a free-before-initializing (i.e. a free of garbage).
libctf/
* ctf-dump.c (ctf_dump_funcs): Free in the right place.
Diff:
---
libctf/ChangeLog | 4 ++++
libctf/ctf-dump.c | 2 +-
2 files changed, 5 insertions(+), 1 deletion(-)
diff --git a/libctf/ChangeLog b/libctf/ChangeLog
index d059d58..01b8d8da 100644
--- a/libctf/ChangeLog
+++ b/libctf/ChangeLog
@@ -1,3 +1,7 @@
+2019-06-03 Nick Alcock <nick.alcock@oracle.com>
+
+ * ctf-dump.c (ctf_dump_funcs): Free in the right place.
+
2019-05-29 Nick Alcock <nick.alcock@oracle.com>
* Makefile.am (ZLIB): New.
diff --git a/libctf/ctf-dump.c b/libctf/ctf-dump.c
index c2ed791..82f63c2 100644
--- a/libctf/ctf-dump.c
+++ b/libctf/ctf-dump.c
@@ -273,7 +273,6 @@ ctf_dump_funcs (ctf_file_t *fp, ctf_dump_state_t *state)
goto err;
str = ctf_str_append (str, " ");
- free (bit);
/* Function name. */
@@ -290,6 +289,7 @@ ctf_dump_funcs (ctf_file_t *fp, ctf_dump_state_t *state)
}
str = ctf_str_append (str, bit);
str = ctf_str_append (str, " (");
+ free (bit);
/* Function arguments. */
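Review bot: The added `free (bit);` leaves `bit` holding a freed address, and since the commit message describes the original fault as a free of an uninitialized `bit`, the variable remains one early exit away from another invalid free. If the `err` path (the `goto err` visible in the first hunk) or a later pass through this code frees or reads `bit` before it is reassigned, the result is a double free or a free of garbage; that cannot be confirmed here because the body of ctf_dump_funcs starts and ends outside both hunks. I would write `free (bit); bit = NULL;` at this point and initialize `bit` to NULL where it is declared, so every cleanup path is safe regardless of how far the function got. The two `ctf_str_append` results just above are assigned straight back to `str` with no visible check, so it is worth confirming that a failed append is handled further down.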