PR26539, memory leak in inflate.c
H.J. Lu
hjl.tools@gmail.com
Sun Jan 24 20:26:01 GMT 2021
On Sun, Jan 24, 2021 at 11:48 AM H.J. Lu <hjl.tools@gmail.com> wrote:
>
> On Fri, Jan 15, 2021 at 4:34 PM Alan Modra via Binutils
> <binutils@sourceware.org> wrote:
> >
> > On Sat, Jan 16, 2021 at 08:47:24AM +1030, Alan Modra wrote:
> > > I guess it would have been nicer to write the following
> > >
> > > if (inflateEnd (& strm) != Z_OK
> > > || rc != Z_OK
> > > || strm.avail_out != 0)
> > > goto fail;
> >
> > So let's do that.
> >
> > bfd/
> > * compress.c (decompress_contents): Tidy inflateEnd result test.
> > binutils/
> > * readelf.c (uncompress_section_contents): Tidy inflateEnd result test.
> >
> > diff --git a/bfd/compress.c b/bfd/compress.c
> > index 4cd9b2e673..2e73c760e7 100644
> > --- a/bfd/compress.c
> > +++ b/bfd/compress.c
> > @@ -60,8 +60,7 @@ decompress_contents (bfd_byte *compressed_buffer,
> > break;
> > rc = inflateReset (&strm);
> > }
> > - rc |= inflateEnd (&strm);
> > - return rc == Z_OK && strm.avail_out == 0;
> > + return inflateEnd (&strm) == Z_OK && rc == Z_OK && strm.avail_out == 0;
> > }
>
> inflate has
>
> if (((in == 0 && out == 0) || flush == Z_FINISH) && ret == Z_OK)
> ret = Z_BUF_ERROR;
>
> and it returns Z_BUF_ERROR at the end:
>
> 1272 if (((in == 0 && out == 0) || flush == Z_FINISH) && ret == Z_OK)
> (gdb) p in
> $71 = 1428
> (gdb) p out
> $72 = 4738
> (gdb) p flush
> $73 = 4
> (gdb) p ret
> $74 = 0
> (gdb)
>
> Checking rc == Z_OK after inflateEnd (&strm) == Z_OK looks odd.
>
Never mind.
--
H.J.
More information about the Binutils
mailing list