binutils-gdb/gdb/python
Pedro Alves 86f1abec45 Fix gdb/python/python.c use-after-free
Valgrind shows:

 ==26964== Invalid read of size 1
 ==26964==    at 0x6E14100: __GI_strcmp (strcmp.S:180)
 ==26964==    by 0x6DB55AA: setlocale (setlocale.c:238)
 ==26964==    by 0x4E0455: _initialize_python() (python.c:1731)
 ==26964==    by 0x786731: initialize_all_files() (init.c:319)
 ==26964==    by 0x72EF0A: gdb_init(char*) (top.c:1929)
 ==26964==    by 0x60BCAC: captured_main(void*) (main.c:863)
 ==26964==    by 0x606AD5: catch_errors(int (*)(void*), void*, char*, return_mask) (exceptions.c:234)
 ==26964==    by 0x60C608: gdb_main(captured_main_args*) (main.c:1165)
 ==26964==    by 0x40CAEC: main (gdb.c:32)
 ==26964==  Address 0x81d30a0 is 0 bytes inside a block of size 181 free'd
 ==26964==    at 0x4C29CF0: free (vg_replace_malloc.c:530)
 ==26964==    by 0x6DB5B65: setname (setlocale.c:201)
 ==26964==    by 0x6DB5B65: setlocale (setlocale.c:388)
 ==26964==    by 0x4E037F: _initialize_python() (python.c:1712)
 ==26964==    by 0x786731: initialize_all_files() (init.c:319)
 ==26964==    by 0x72EF0A: gdb_init(char*) (top.c:1929)
 ==26964==    by 0x60BCAC: captured_main(void*) (main.c:863)
 ==26964==    by 0x606AD5: catch_errors(int (*)(void*), void*, char*, return_mask) (exceptions.c:234)
 ==26964==    by 0x60C608: gdb_main(captured_main_args*) (main.c:1165)
 ==26964==    by 0x40CAEC: main (gdb.c:32)

The problem is doing this:

  oldloc = setlocale (LC_ALL, NULL);
  setlocale (LC_ALL, "");
  ...
  setlocale (LC_ALL, oldloc);

I.e., the second setlocale call frees 'oldloc'.

From http://pubs.opengroup.org/onlinepubs/9699919799/functions/setlocale.html :

 "The returned string pointer might be invalidated or the string
 content might be overwritten by a subsequent call to setlocale()."

gdb/ChangeLog:
2016-05-03  Pedro Alves <palves@redhat.com>

	PR python/20037
	* python/python.c (_initialize_python) [IS_PY3K]: xstrdup/xfree
	oldloc.
2016-05-03 12:16:56 +01:00
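The save / switch / restore sequence from the commit message, as an added C example (not gdb's own code): the pre-fix pattern is kept as a function that is never executed, and the fixed pattern copies the string before the next setlocale() call, with plain strdup/free standing in for gdb's xstrdup/xfree. The function names and the "C" starting locale are assumptions of this example.

```c
#define _POSIX_C_SOURCE 200809L   /* for strdup() */
#include <locale.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Pre-fix pattern, reconstructed from the commit message (not gdb's exact
   code): 'oldloc' points into storage owned by the C library, and the
   second setlocale() may free or overwrite it, so the final call reads
   freed memory. Defined for comparison only; never called here. */
void init_locale_unsafe(void)
{
    char *oldloc = setlocale(LC_ALL, NULL);
    setlocale(LC_ALL, "");
    /* ... work that needs the user's locale ... */
    setlocale(LC_ALL, oldloc);   /* use-after-free: oldloc may dangle */
}

/* Post-fix pattern: take a private copy before any further setlocale()
   call, and free that copy only after it has been used. */
static char *save_locale(void)
{
    const char *cur = setlocale(LC_ALL, NULL);
    return cur ? strdup(cur) : NULL;
}

static int restore_locale(char *saved)
{
    if (saved == NULL)
        return -1;
    const char *res = setlocale(LC_ALL, saved);
    free(saved);                 /* our copy, so freeing it is safe */
    return res ? 0 : -1;
}

/* Starts from a known "C" locale, runs the same save / switch-to-"" /
   restore sequence with a private copy, and reports whether the locale
   came back unchanged. Returns 1 on success, 0 otherwise. */
int locale_roundtrip_ok(void)
{
    if (setlocale(LC_ALL, "C") == NULL)
        return 0;
    char *saved = save_locale();
    if (saved == NULL)
        return 0;

    /* This is the call that may invalidate a raw pointer obtained from the
       NULL query; it may also fail (return NULL) in a minimal environment,
       which does not matter for the round trip. */
    setlocale(LC_ALL, "");

    if (restore_locale(saved) != 0)
        return 0;
    const char *now = setlocale(LC_ALL, NULL);
    return now != NULL && strcmp(now, "C") == 0;
}

int main(void)
{
    printf("locale round-trip %s\n", locale_roundtrip_ok() ? "ok" : "FAILED");
    return 0;
}
```

Running the example under Valgrind shows no invalid reads, because the only pointer handed back to setlocale() is the caller's own copy; the same check against the pre-fix pattern reproduces the "Invalid read" report quoted above.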