From: Alan Modra Date: Thu, 3 Sep 2020 00:04:37 +0000 (+0930) Subject: heap use after free in xcoff_archive_info_eq X-Git-Url: https://git.libre-soc.org/?a=commitdiff_plain;h=d48b742bc1a7af6a673e747c91bf7c72518a0b6a;p=binutils-gdb.git heap use after free in xcoff_archive_info_eq Using an input file objalloc memory for anything that isn't created when opening the bfd is not a good idea. The problem is that this memory can disappear if bfd_free_cached_info is called or when bfd closes files in order to keep the number of open files reasonable. bfd/ * xcofflink.c (xcoff_get_archive_info): Allocate xcoff_archive_info on the output bfd objalloc memory. ld/ * testsuite/ld-scripts/sysroot-prefix.exp (single_sysroot_prefix_test): Log $scriptname. --- diff --git a/bfd/ChangeLog b/bfd/ChangeLog index 156bb7abf73..76055ba18f2 100644 --- a/bfd/ChangeLog +++ b/bfd/ChangeLog @@ -1,3 +1,8 @@ +2020-09-03 Alan Modra + + * xcofflink.c (xcoff_get_archive_info): Allocate xcoff_archive_info + on the output bfd objalloc memory. + 2020-09-02 Alan Modra * elfnn-aarch64.c (elfNN_aarch64_relocate_section): Correct type diff --git a/bfd/xcofflink.c b/bfd/xcofflink.c index 88705254721..ca7d7fec04b 100644 --- a/bfd/xcofflink.c +++ b/bfd/xcofflink.c @@ -525,7 +525,7 @@ xcoff_get_archive_info (struct bfd_link_info *info, bfd *archive) entryp = *slot; if (!entryp) { - entryp = bfd_zalloc (archive, sizeof (entry)); + entryp = bfd_zalloc (info->output_bfd, sizeof (entry)); if (!entryp) return NULL; diff --git a/ld/ChangeLog b/ld/ChangeLog index 0138e88db0a..6c447dd4af0 100644 --- a/ld/ChangeLog +++ b/ld/ChangeLog @@ -1,3 +1,8 @@ +2020-09-03 Alan Modra + + * testsuite/ld-scripts/sysroot-prefix.exp (single_sysroot_prefix_test): + Log $scriptname. + 2020-08-30 H.J. Lu * testsuite/ld-elf/dwarf.exp: Append $NOSANTIZE_CFLAGS to CFLAGS. diff --git a/ld/testsuite/ld-scripts/sysroot-prefix.exp b/ld/testsuite/ld-scripts/sysroot-prefix.exp index e8b45d18e10..b7590e25a64 100644 --- a/ld/testsuite/ld-scripts/sysroot-prefix.exp +++ b/ld/testsuite/ld-scripts/sysroot-prefix.exp @@ -164,7 +164,7 @@ proc single_sysroot_prefix_test { type xtestname finalscript ldopt errstr } { puts $ofd "$finalscript" close $ofd - verbose -log "script: $finalscript" + verbose -log "script $scriptname: $finalscript" set res [ld_link $ld tmpdir/output "$ldopt tmpdir/main.o -Ltmpdir -lsysroottest"] set ld_output "$exec_output"