PR30828, notes obstack memory corruption
Checks
Commit Message
Commit 3bab069c29b3 carelessly allowed "string" to be released from
the notes obstack twice, with the second call to obstack_free
releasing memory for a fixup that just happened to be the same size as
the original string. The fixup then of course was overwritten.
This patch fixes that problem, and another that could occur on an
error path.
PR 30828
* stabs.c (s_stab_generic): Don't free string twice. Don't
blow away entire notes obstack on a missing string.
@@ -262,7 +262,7 @@ s_stab_generic (int what,
{
as_warn (_(".stab%c: missing string"), what);
ignore_rest_of_line ();
- goto out;
+ goto out2;
}
/* FIXME: We should probably find some other temporary storage
for string, rather than leaking memory if someone else
@@ -350,7 +350,10 @@ s_stab_generic (int what,
This must be done before creating symbols below, which uses
the notes obstack. */
if (saved_string_obstack_end == obstack_next_free (¬es))
- obstack_free (¬es, string);
+ {
+ obstack_free (¬es, string);
+ saved_string_obstack_end = NULL;
+ }
/* At least for now, stabs in a special stab section are always
output as 12 byte blocks of information. */
@@ -398,6 +401,7 @@ s_stab_generic (int what,
out:
if (saved_string_obstack_end == obstack_next_free (¬es))
obstack_free (¬es, string);
+ out2:
subseg_set (saved_seg, saved_subseg);
}