From patchwork Fri May 9 14:35:23 2014 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrew Burgess X-Patchwork-Id: 859 Return-Path: X-Original-To: siddhesh@wilcox.dreamhost.com Delivered-To: siddhesh@wilcox.dreamhost.com Received: from homiemail-mx22.g.dreamhost.com (mx2.sub5.homie.mail.dreamhost.com [208.113.200.128]) by wilcox.dreamhost.com (Postfix) with ESMTP id DD7F3360073 for ; Fri, 9 May 2014 07:36:07 -0700 (PDT) Received: by homiemail-mx22.g.dreamhost.com (Postfix, from userid 14314964) id 9C5B9566EE84; Fri, 9 May 2014 07:36:07 -0700 (PDT) X-Original-To: gdb@patchwork.siddhesh.in Delivered-To: x14314964@homiemail-mx22.g.dreamhost.com Received: from sourceware.org (server1.sourceware.org [209.132.180.131]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by homiemail-mx22.g.dreamhost.com (Postfix) with ESMTPS id 6649B565A385 for ; Fri, 9 May 2014 07:36:07 -0700 (PDT) DomainKey-Signature: a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id :list-unsubscribe:list-subscribe:list-archive:list-post :list-help:sender:from:to:cc:subject:date:message-id :mime-version:content-type; q=dns; s=default; b=gE/90Jnkzd3cYpj9 vn8oa8cPhA0IpWp1F8JZMUb13nrtrC0Jx7nPV4wJxRV2dyICsmwsTJq/Kplh2PxU 9t97fxT0a0w1v4uW8hPOzuRjwqeHH1jkwZO3b7+34rlwxg2Q3RcRdG9QzA1uykoH 93R7GskUZ4L2Fttd9BePf73ahws= DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=sourceware.org; h=list-id :list-unsubscribe:list-subscribe:list-archive:list-post :list-help:sender:from:to:cc:subject:date:message-id :mime-version:content-type; s=default; bh=IemkBKg3QrhmLjSfyNYiRx Nx0AI=; b=R+kAvP7axAFTuP7/+14VSmrzL7v/ddURaeJ2XNzU5fCBnL5PFVQ9h/ M2Er3hTBavcXtVGc1bwf06PTh9UbFCSbfyAl8U4P0f4QnODYEULUgoo1Yinbn+lU ga3LC94G4xnmHHS/hJRyYBdHPboDFyXd/nlQIJOgyOTMxdAfMPqYk= Received: (qmail 6139 invoked by alias); 9 May 2014 14:35:54 -0000 Mailing-List: contact gdb-patches-help@sourceware.org; run by ezmlm Precedence: bulk List-Id: List-Unsubscribe: List-Subscribe: List-Archive: List-Post: List-Help: , Sender: gdb-patches-owner@sourceware.org Delivered-To: mailing list gdb-patches@sourceware.org Received: (qmail 6078 invoked by uid 89); 9 May 2014 14:35:53 -0000 Authentication-Results: sourceware.org; auth=none X-Virus-Found: No X-Spam-SWARE-Status: No, score=-3.0 required=5.0 tests=AWL, BAYES_00, RP_MATCHES_RCVD autolearn=ham version=3.3.2 X-HELO: mail-gw1-out.broadcom.com Received: from mail-gw1-out.broadcom.com (HELO mail-gw1-out.broadcom.com) (216.31.210.62) by sourceware.org (qpsmtpd/0.93/v0.84-503-g423c35a) with ESMTP; Fri, 09 May 2014 14:35:51 +0000 Received: from irvexchcas08.broadcom.com (HELO IRVEXCHCAS08.corp.ad.broadcom.com) ([10.9.208.57]) by mail-gw1-out.broadcom.com with ESMTP; 09 May 2014 08:51:37 -0700 Received: from IRVEXCHSMTP1.corp.ad.broadcom.com (10.9.207.51) by IRVEXCHCAS08.corp.ad.broadcom.com (10.9.208.57) with Microsoft SMTP Server (TLS) id 14.3.174.1; Fri, 9 May 2014 07:35:50 -0700 Received: from mail-irva-13.broadcom.com (10.10.10.20) by IRVEXCHSMTP1.corp.ad.broadcom.com (10.9.207.51) with Microsoft SMTP Server id 14.3.174.1; Fri, 9 May 2014 07:35:50 -0700 Received: from xl-cam-21.broadcom.com (xl-cam-21.cam.broadcom.com [10.177.132.81]) by mail-irva-13.broadcom.com (Postfix) with ESMTP id B3B865D818; Fri, 9 May 2014 07:35:49 -0700 (PDT) Received: by xl-cam-21.broadcom.com (Postfix, from userid 15136) id 116AE2CE899E; Fri, 9 May 2014 15:35:49 +0100 (BST) From: Andrew Burgess To: CC: , , Andrew Burgess Subject: [PATCH] cplus-demangler, free resource after a failed call to gnu_special. Date: Fri, 9 May 2014 15:35:23 +0100 Message-ID: <1399646123-9960-1-git-send-email-aburgess@broadcom.com> MIME-Version: 1.0 X-IsSubscribed: yes X-DH-Original-To: gdb@patchwork.siddhesh.in Fixes issue: https://sourceware.org/bugzilla/show_bug.cgi?id=16817 A call to gnu_special within internal_cplus_demangle could cause memory resources to be allocated, even if the demangle eventually fails. The following call into demangle_prefix will then be passed some partially initialised state. I've only tested this against the libiberty "make check" and against gdb on x86-64 linux. I don't have write access for gcc svn, but Broadcom does have a copyright assignment in place for gcc, so if this patch is approved, could someone apply it please. Thanks, Andrew libiberty/ChangeLog * cplus-dmem.c (internal_cplus_demangle): Free any resources allocated by possible previous call to gnu_special. (squangle_mop_up): Reset pointers to NULL after calling free. * testsuite/demangle-expected: New test case. --- libiberty/cplus-dem.c | 7 +++++++ libiberty/testsuite/demangle-expected | 5 +++++ 2 files changed, 12 insertions(+) diff --git a/libiberty/cplus-dem.c b/libiberty/cplus-dem.c index e948487..1c41c6f 100644 --- a/libiberty/cplus-dem.c +++ b/libiberty/cplus-dem.c @@ -1175,6 +1175,11 @@ internal_cplus_demangle (struct work_stuff *work, const char *mangled) if ((AUTO_DEMANGLING || GNU_DEMANGLING)) { success = gnu_special (work, &mangled, &decl); + if (!success) + { + delete_work_stuff (work); + string_delete (&decl); + } } if (!success) { @@ -1218,10 +1223,12 @@ squangle_mop_up (struct work_stuff *work) if (work -> btypevec != NULL) { free ((char *) work -> btypevec); + work->btypevec = NULL; } if (work -> ktypevec != NULL) { free ((char *) work -> ktypevec); + work->ktypevec = NULL; } } diff --git a/libiberty/testsuite/demangle-expected b/libiberty/testsuite/demangle-expected index 453f9a3..864ee7e 100644 --- a/libiberty/testsuite/demangle-expected +++ b/libiberty/testsuite/demangle-expected @@ -4343,3 +4343,8 @@ cereal::detail::InputBindingMap::Serializers cereal::p --format=gnu-v3 _ZNSt9_Any_data9_M_accessIPZ4postISt8functionIFvvEEEvOT_EUlvE_EERS5_v void post >(std::function&&)::{lambda()#1}*& std::_Any_data::_M_access >(void post >(std::function&&)::{lambda()#1}*&&)::{lambda()#1}*>() +# https://sourceware.org/bugzilla/show_bug.cgi?id=16817 +--format=auto --no-params +_QueueNotification_QueueController__$4PPPPPPPM_A_INotice___Z +_QueueNotification_QueueController__$4PPPPPPPM_A_INotice___Z +_QueueNotification_QueueController__$4PPPPPPPM_A_INotice___Z