readelf looping in process_archive
Alan Modra
amodra@gmail.com
Fri Mar 27 00:13:35 GMT 2020
More information about the Binutils mailing list
Fri Mar 27 00:13:35 GMT 2020
- Previous message (by thread): readelf looping in process_archive
- Next message (by thread): [PATCH] Support AT_BSDFLAGS on FreeBSD.
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
This patch fixes a leak of qualified_name caused by 4c83662712 and a
double free introduced by fd486f32d1. Not breaking out of the loop
results in an error: "failed to seek to next archive header". That's
slightly better than silently preventing the possibility of endless
loops.
* readelf.c (process_archive): Don't double free qualified_name.
Don't break out of loop with "negative" archive_file_size, just
set file offset to max.
diff --git a/binutils/readelf.c b/binutils/readelf.c
index 9bc15e4d0b..eb41e10dae 100644
--- a/binutils/readelf.c
+++ b/binutils/readelf.c
@@ -20461,7 +20461,6 @@ process_archive (Filedata * filedata, bfd_boolean is_thin_archive)
close_file (member_filedata);
free (member_file_name);
- free (qualified_name);
}
else if (is_thin_archive)
{
@@ -20511,7 +20510,7 @@ process_archive (Filedata * filedata, bfd_boolean is_thin_archive)
arch.next_arhdr_offset += archive_file_size;
/* Stop looping with "negative" archive_file_size. */
if (arch.next_arhdr_offset < archive_file_size)
- break;
+ arch.next_arhdr_offset = -1ul;
}
free (qualified_name);
--
Alan Modra
Australia Development Lab, IBM
- Previous message (by thread): readelf looping in process_archive
- Next message (by thread): [PATCH] Support AT_BSDFLAGS on FreeBSD.
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the Binutils mailing list