Do not crash when calling GDB with empty executable name.

        % gdb -q ''

... or ...

        % gdb -q
        (gdb) file ''

... both cause GDB to crash with an invalid free. This is because
exec_file_attach is attempting to free a string that has not been
allocated. The string is only allocated if openp is successful.
But in the case of this obviously invalid filename, openp fails,
and leaves scratch_pathname uninitialized, thus causing the xfree
to fail.

The fix is to enable the associated cleanup after we have verified
that openp was successful.

gdb/ChangeLog (By Keith Seitz  <keiths@redhat.com>):

        * exec.c (exec_file_attach): Move cleanup after verifying that
        memory has in fact been allocated.

gdb/testsuite/ChangeLog:

        * gdb.base/empty_exe.exp: New testcase.

diff --git a/gdb/ChangeLog b/gdb/ChangeLog
index 41e7a30ed07e3056862fe625f6ebab619a4aec75..98afd334b9c376aaba525497756e021ba3ede10b 100644 (file)
--- a/gdb/ChangeLog
+++ b/gdb/ChangeLog
@@ -1,3 +1,8 @@
+2012-11-26  Keith Seitz  <keiths@redhat.com>
+
+       * exec.c (exec_file_attach): Move cleanup after verifying that
+       memory has in fact been allocated.
+
 2012-11-26  Tom Tromey  <tromey@redhat.com>
 
        * ada-lang.c (user_select_syms): Use SYMBOL_SYMTAB.

diff --git a/gdb/exec.c b/gdb/exec.c
index 615d5c097ed20e4116a9628077e0dae2299d09c6..21d3c3c4c5bbaaf527ee7a7c0c486a6693e44059 100644 (file)
--- a/gdb/exec.c
+++ b/gdb/exec.c
@@ -225,11 +225,11 @@ exec_file_attach (char *filename, int from_tty)
             &scratch_pathname);
        }
 #endif
+      if (scratch_chan < 0)
+       perror_with_name (filename);
 
       cleanups = make_cleanup (xfree, scratch_pathname);
 
-      if (scratch_chan < 0)
-       perror_with_name (filename);
       if (write_files)
        exec_bfd = gdb_bfd_fopen (scratch_pathname, gnutarget,
                                  FOPEN_RUB, scratch_chan);

diff --git a/gdb/testsuite/ChangeLog b/gdb/testsuite/ChangeLog
index 907bec366016892ca09503cf501d2fe988a2ba3e..b625a7b8c210e9a7b67b566d040d2182630ee5c3 100644 (file)
--- a/gdb/testsuite/ChangeLog
+++ b/gdb/testsuite/ChangeLog
@@ -1,3 +1,7 @@
+2012-11-26  Joel Brobecker  <brobecker@adacore.com>
+
+       * gdb.base/empty_exe.exp: New testcase.
+
 2012-11-20  Mike Frysinger  <vapier@gentoo.org>
 
        * gdb.base/completion.exp: Add test for help aliases completion.

diff --git a/gdb/testsuite/gdb.base/empty_exe.exp b/gdb/testsuite/gdb.base/empty_exe.exp
new file mode 100644 (file)
index 0000000..7c55554
--- /dev/null
+++ b/gdb/testsuite/gdb.base/empty_exe.exp
@@ -0,0 +1,26 @@
+# Copyright 2012 Free Software Foundation, Inc.
+
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program.  If not, see <http://www.gnu.org/licenses/>.
+
+gdb_exit
+gdb_start
+
+# Make sure that the "file" command rejects an empty filename,
+# rather than crash.
+gdb_test "file ''" \
+         ": No such file or directory\\."
+
+# And to make extra sure that GDB is still alive, do a quick
+# sanity check.
+gdb_test "print 1" "= 1"