mirror of
https://sourceware.org/git/binutils-gdb.git
synced 2024-12-15 04:31:49 +08:00
libctf: fix ref leak of names of newly-inserted non-root-visible types
A bug in ctf_dtd_delete led to refs in the string table to the
names of non-root-visible types not being removed when the DTD
was. This seems harmless, but actually it would lead to a write
down a pointer into freed memory if such a type was ctf_rollback()ed
over and then the dict was serialized (updating all the refs as the
strtab was serialized in turn).
Bug introduced in commit fe4c2d5563
("libctf: create: non-root-visible types should not appear in name tables")
which is included in binutils 2.35.
libctf/
* ctf-create.c (ctf_dtd_delete): Remove refs for all types
with names, not just root-visible ones.
This commit is contained in:
parent
e34b3bde88
commit
21397b78f9
@ -258,10 +258,10 @@ ctf_dtd_delete (ctf_dict_t *fp, ctf_dtdef_t *dtd)
|
||||
dtd->dtd_vlen_alloc = 0;
|
||||
|
||||
if (dtd->dtd_data.ctt_name
|
||||
&& (name = ctf_strraw (fp, dtd->dtd_data.ctt_name)) != NULL
|
||||
&& LCTF_INFO_ISROOT (fp, dtd->dtd_data.ctt_info))
|
||||
&& (name = ctf_strraw (fp, dtd->dtd_data.ctt_name)) != NULL)
|
||||
{
|
||||
ctf_dynhash_remove (ctf_name_table (fp, name_kind), name);
|
||||
if (LCTF_INFO_ISROOT (fp, dtd->dtd_data.ctt_info))
|
||||
ctf_dynhash_remove (ctf_name_table (fp, name_kind), name);
|
||||
ctf_str_remove_ref (fp, name, &dtd->dtd_data.ctt_name);
|
||||
}
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user