From d48b742bc1a7af6a673e747c91bf7c72518a0b6a Mon Sep 17 00:00:00 2001 From: Alan Modra Date: Thu, 3 Sep 2020 09:34:37 +0930 Subject: [PATCH] heap use after free in xcoff_archive_info_eq Using an input file objalloc memory for anything that isn't created when opening the bfd is not a good idea. The problem is that this memory can disappear if bfd_free_cached_info is called or when bfd closes files in order to keep the number of open files reasonable. bfd/ * xcofflink.c (xcoff_get_archive_info): Allocate xcoff_archive_info on the output bfd objalloc memory. ld/ * testsuite/ld-scripts/sysroot-prefix.exp (single_sysroot_prefix_test): Log $scriptname. --- bfd/ChangeLog | 5 +++++ bfd/xcofflink.c | 2 +- ld/ChangeLog | 5 +++++ ld/testsuite/ld-scripts/sysroot-prefix.exp | 2 +- 4 files changed, 12 insertions(+), 2 deletions(-) diff --git a/bfd/ChangeLog b/bfd/ChangeLog index 156bb7abf73..76055ba18f2 100644 --- a/bfd/ChangeLog +++ b/bfd/ChangeLog @@ -1,3 +1,8 @@ +2020-09-03 Alan Modra + + * xcofflink.c (xcoff_get_archive_info): Allocate xcoff_archive_info + on the output bfd objalloc memory. + 2020-09-02 Alan Modra * elfnn-aarch64.c (elfNN_aarch64_relocate_section): Correct type diff --git a/bfd/xcofflink.c b/bfd/xcofflink.c index 88705254721..ca7d7fec04b 100644 --- a/bfd/xcofflink.c +++ b/bfd/xcofflink.c @@ -525,7 +525,7 @@ xcoff_get_archive_info (struct bfd_link_info *info, bfd *archive) entryp = *slot; if (!entryp) { - entryp = bfd_zalloc (archive, sizeof (entry)); + entryp = bfd_zalloc (info->output_bfd, sizeof (entry)); if (!entryp) return NULL; diff --git a/ld/ChangeLog b/ld/ChangeLog index 0138e88db0a..6c447dd4af0 100644 --- a/ld/ChangeLog +++ b/ld/ChangeLog @@ -1,3 +1,8 @@ +2020-09-03 Alan Modra + + * testsuite/ld-scripts/sysroot-prefix.exp (single_sysroot_prefix_test): + Log $scriptname. + 2020-08-30 H.J. Lu * testsuite/ld-elf/dwarf.exp: Append $NOSANTIZE_CFLAGS to CFLAGS. diff --git a/ld/testsuite/ld-scripts/sysroot-prefix.exp b/ld/testsuite/ld-scripts/sysroot-prefix.exp index e8b45d18e10..b7590e25a64 100644 --- a/ld/testsuite/ld-scripts/sysroot-prefix.exp +++ b/ld/testsuite/ld-scripts/sysroot-prefix.exp @@ -164,7 +164,7 @@ proc single_sysroot_prefix_test { type xtestname finalscript ldopt errstr } { puts $ofd "$finalscript" close $ofd - verbose -log "script: $finalscript" + verbose -log "script $scriptname: $finalscript" set res [ld_link $ld tmpdir/output "$ldopt tmpdir/main.o -Ltmpdir -lsysroottest"] set ld_output "$exec_output" -- 2.30.2