This is the mail archive of the gdb-patches@sourceware.org mailing list for the GDB project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

Re: [PATCH][gdb] Fix heap-use-after-free in typename_concat

From: Tom de Vries <tdevries at suse dot de>
To: Tom Tromey <tom at tromey dot com>
Cc: gdb-patches at sourceware dot org
Date: Fri, 17 May 2019 09:43:35 +0200
Subject: Re: [PATCH][gdb] Fix heap-use-after-free in typename_concat
References: <20190503093124.GA27838@delia> <878sv6w7si.fsf@tromey.com>

On 16-05-19 20:53, Tom Tromey wrote:
>>>>>> "Tom" == Tom de Vries <tdevries@suse.de> writes:
> 
> Tom> When running gdb using AddressSanitizer, and loading a cc1plus binary built
> Tom> with profiledbootstrap and -flto, we run into a heap-use-after-free error:
> 
> Thanks for finding this.
> 
> Tom> +	{
> Tom> +	  struct cu_partial_die_info res;
> Tom> +	  res.pdi = pd;
> Tom> +	  res.cu = cu;
> Tom> +	  return res;
> Tom> +	}
> 
> Can't this be just "return {pd, cu};"?
> 

Indeed.

Addressed at both locations in commit-post at
https://sourceware.org/ml/gdb-patches/2019-05/msg00408.html .

Thanks,
- Tom

References:
- [PATCH][gdb] Fix heap-use-after-free in typename_concat
  - From: Tom de Vries
- Re: [PATCH][gdb] Fix heap-use-after-free in typename_concat
  - From: Tom Tromey

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]