From patchwork Fri Dec 14 19:12:40 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Pedro Alves X-Patchwork-Id: 30672 Received: (qmail 11545 invoked by alias); 14 Dec 2018 19:12:48 -0000 Mailing-List: contact gdb-patches-help@sourceware.org; run by ezmlm Precedence: bulk List-Id: List-Unsubscribe: List-Subscribe: List-Archive: List-Post: List-Help: , Sender: gdb-patches-owner@sourceware.org Delivered-To: mailing list gdb-patches@sourceware.org Received: (qmail 11404 invoked by uid 89); 14 Dec 2018 19:12:47 -0000 Authentication-Results: sourceware.org; auth=none X-Spam-SWARE-Status: No, score=-24.4 required=5.0 tests=BAYES_00, GIT_PATCH_0, GIT_PATCH_1, GIT_PATCH_2, GIT_PATCH_3, KAM_LAZY_DOMAIN_SECURITY, KAM_STOCKGEN, SPF_HELO_PASS autolearn=ham version=3.3.2 spammy=U*palves, sk:palves, sk:palves@, 33329 X-HELO: mx1.redhat.com Received: from mx1.redhat.com (HELO mx1.redhat.com) (209.132.183.28) by sourceware.org (qpsmtpd/0.93/v0.84-503-g423c35a) with ESMTP; Fri, 14 Dec 2018 19:12:46 +0000 Received: from smtp.corp.redhat.com (int-mx05.intmail.prod.int.phx2.redhat.com [10.5.11.15]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id D8FFC1393C5 for ; Fri, 14 Dec 2018 19:12:44 +0000 (UTC) Received: from localhost.localdomain (ovpn04.gateway.prod.ext.ams2.redhat.com [10.39.146.4]) by smtp.corp.redhat.com (Postfix) with ESMTP id 7122D5D756 for ; Fri, 14 Dec 2018 19:12:44 +0000 (UTC) From: Pedro Alves To: gdb-patches@sourceware.org Subject: [PATCH 1/3] Fix leak in mdebugread.c Date: Fri, 14 Dec 2018 19:12:40 +0000 Message-Id: <20181214191242.21560-2-palves@redhat.com> In-Reply-To: <20181214191242.21560-1-palves@redhat.com> References: <20181214191242.21560-1-palves@redhat.com> Coverity points out that all the "continue;" statements in the switch case in parse_partial_symbols leak STABSTRING. This is because we only release STABSTRING at the end of the scope, with: if (stabstring && stabstring != debug_info->ss + fh->issBase + sh.iss) xfree (stabstring); but that bit of code is skipped if a case in the switch statement ends with "continue". Fix this by using gdb::unique_xmalloc_ptr to manage the heap-allocated version of 'stabsstring'. I don't know how to test this. gdb/ChangeLog: yyyy-mm-dd Pedro Alves * mdebugread.c (parse_partial_symbols): Use gdb::unique_xmalloc_ptr to manage heap-allocated 'stabsstring'. --- gdb/mdebugread.c | 23 ++++++++++++++--------- 1 file changed, 14 insertions(+), 9 deletions(-) diff --git a/gdb/mdebugread.c b/gdb/mdebugread.c index 26687f6c8d..eddf0a68f8 100644 --- a/gdb/mdebugread.c +++ b/gdb/mdebugread.c @@ -2767,6 +2767,9 @@ parse_partial_symbols (minimal_symbol_reader &reader, /* Handle stabs continuation. */ { char *stabstring = debug_info->ss + fh->issBase + sh.iss; + /* If we need to heap-allocate STABSTRING, this owns + it. */ + gdb::unique_xmalloc_ptr stabstring_storage; int len = strlen (stabstring); while (stabstring[len - 1] == '\\') @@ -2789,14 +2792,19 @@ parse_partial_symbols (minimal_symbol_reader &reader, stabstring2 = debug_info->ss + fh->issBase + sh2.iss; len2 = strlen (stabstring2); - /* Concatinate stabstring2 with stabstring1. */ - if (stabstring - && stabstring != debug_info->ss + fh->issBase + sh.iss) - stabstring - = (char *) xrealloc (stabstring, len + len2 + 1); + /* Concatenate stabstring2 with stabstring1. */ + if (stabstring_storage != nullptr) + { + stabstring_storage.reset + ((char *) xrealloc (stabstring_storage.release (), + len + len2 + 1)); + stabstring = stabstring_storage.get (); + } else { - stabstring = (char *) xmalloc (len + len2 + 1); + stabstring_storage.reset + ((char *) xmalloc (len + len2 + 1)); + stabstring = stabstring_storage.get (); strcpy (stabstring, stabstring1); } strcpy (stabstring + len, stabstring2); @@ -3332,9 +3340,6 @@ parse_partial_symbols (minimal_symbol_reader &reader, hex_string (type_code)); /* CUR_SYMBOL_TYPE */ continue; } - if (stabstring - && stabstring != debug_info->ss + fh->issBase + sh.iss) - xfree (stabstring); } /* end - Handle continuation */ }