From patchwork Tue Oct 17 12:20:14 2017
X-Patchwork-Submitter: Pedro Alves
X-Patchwork-Id: 23637
Mailing-List: gdb-patches@sourceware.org
Subject: [PATCH] xml_fetch_content_from_file: Read in whole file in one go (Re: [pushed] Fix double-free corruption)
To: gdb-patches@sourceware.org
References:
<1508240517-15322-1-git-send-email-palves@redhat.com>
From: Pedro Alves
Message-ID: <199a50c3-4f55-c40e-7dcf-47db0ef27798@redhat.com>
Date: Tue, 17 Oct 2017 13:20:14 +0100
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Thunderbird/45.4.0
MIME-Version: 1.0
In-Reply-To: <1508240517-15322-1-git-send-email-palves@redhat.com>

On 10/17/2017 12:41 PM, Pedro Alves wrote:
> Fixes a double-free regression introduced by commit b7b030adc405
> ("Return unique_xmalloc_ptr from target_read_stralloc"):
>
> gdb.sum:
> Running src/gdb/testsuite/gdb.base/catch-syscall.exp ...
> ERROR: Process no longer exists
> ...
> The problem is that if xrealloc decides it needs a new memory block,
> it frees the previous block/pointer, and then text.reset() frees it
> again.

Looking a bit deeper, I can't seem to find a reason this code is
reading in chunks in the first place? Why not read it all in one go?
Like patch below.

From a08ecd67cf5bd87c7d2e64ca443017b78d76aa04 Mon Sep 17 00:00:00 2001
From: Pedro Alves
Date: Tue, 17 Oct 2017 13:02:13 +0100
Subject: [PATCH] xml_fetch_content_from_file: Read in whole file in one go

There doesn't seem to be a good reason we're reading the file one
chunk at a time.

gdb/ChangeLog:
2017-10-17 Pedro Alves

* xml-support.c (xml_fetch_content_from_file): Don't read in chunks.
Instead use fseek to determine the file's size, and read it in one go.

--- gdb/xml-support.c | 36 +++++++++++++----------------------- 1 file changed, 13 insertions(+), 23 deletions(-) diff --git a/gdb/xml-support.c b/gdb/xml-support.c index 42a4c91..69aa9db 100644 --- a/gdb/xml-support.c +++ b/gdb/xml-support.c @@ -998,7 +998,6 @@ xml_fetch_content_from_file (const char *filename, void *baton) { const char *dirname = (const char *) baton; gdb_file_up file; - size_t len, offset; if (dirname && *dirname) { 
@@ -1015,34 +1014,25 @@ xml_fetch_content_from_file (const char *filename, void *baton) if (file == NULL) return NULL; - /* Read in the whole file, one chunk at a time. */ - len = 4096; - offset = 0; - gdb::unique_xmalloc_ptr text ((char *) xmalloc (len)); - while (1) - { - size_t bytes_read; + /* Read in the whole file. */ - /* Continue reading where the last read left off. Leave at least - one byte so that we can NUL-terminate the result. */ - bytes_read = fread (text.get () + offset, 1, len - offset - 1, - file.get ()); - if (ferror (file.get ())) - { - warning (_("Read error from \"%s\""), filename); - return NULL; - } + size_t len; - offset += bytes_read; + if (fseek (file.get (), 0, SEEK_END) == -1) + perror_with_name (_("seek to end of file")); + len = ftell (file.get ()); + rewind (file.get ()); - if (feof (file.get ())) - break; + gdb::unique_xmalloc_ptr text ((char *) xmalloc (len + 1)); - len = len * 2; - text.reset ((char *) xrealloc (text.release (), len)); + fread (text.get (), 1, len, file.get ()); + if (ferror (file.get ())) + { + warning (_("Read error from \"%s\""), filename); + return {}; } - text.get ()[offset] = '\0'; + text.get ()[len] = '\0'; return text; }
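
Review bot: In the second hunk, `len = ftell (file.get ());` is not checked for failure, and that value drives the allocation and the read that follow. ftell returns a long and -1 on error; stored into the size_t `len` that becomes SIZE_MAX, so `xmalloc (len + 1)` is asked for 0 bytes while `fread (text.get (), 1, len, file.get ())` and `text.get ()[len] = '\0'` still use the huge length and write outside the allocation. Suggest keeping the ftell result in a long, calling perror_with_name when it is negative (as the fseek check already does), and only then converting to size_t. The fread return value is also dropped: only ferror is tested, so a short read that sets no error flag leaves the bytes between what was read and `text.get ()[len]` uninitialized ahead of the terminator; terminating at the count fread returns, as the removed loop did with `offset`, avoids that. Two smaller points: the fseek failure path now throws through perror_with_name while the read-error path still warns and returns an empty pointer, which is worth making consistent or documenting; and the removed loop worked on any stream, whereas this version needs a seekable one, which the "Read in the whole file." comment could state.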