[Bug binutils/31161] potential Memory in stabs.c

[shiyuyuranzh at gmail dot com]

https://sourceware.org/bugzilla/show_bug.cgi?id=31161

--- Comment #4 from 时宇羽然 <shiyuyuranzh at gmail dot com> ---
(In reply to Alan Modra from comment #2)
> To be clear, by accessible I mean reachable from a pointer in data (possibly
> via a chain of pointers).

I'm sorry, it seems that the previous attachment may not have been uploaded
successfully. I have now included the detailed steps of how memory can be
accessable via pointer.

As shown in the image, first, the function debug_set_filename allocates a block
of memory for handle->current_file. Second, when calling debug_set_filename,
dhandle is passed as the 1st parameter.Therefore, dhandle->current_file is
modified. Third,in the function parse_stab, there are several places where it
can return FALSE.If the function parse_stab returns FALSE, the branch in the
fuction read_section_stabs_debugging_info will be executed, and
read_section_stabs_debugging_info will also return FALSE. dhandle->current_file
is not freed in this branch.Forth, if read_section_stabs_debugging_info returns
FALSE, the fuction read_debugging_info will return NULL, and the memory of
dhandle->current_file will leak.

Can you please help to check again? Thanks for your effort.

-- 
You are receiving this mail because:
You are on the CC list for the bug.