diff options
| author | James Clarke <jrtc27@jrtc27.com> | 2017-01-03 16:15:15 +0000 |
|---|---|---|
| committer | Alan Modra <amodra@gmail.com> | 2017-01-04 08:53:43 +1030 |
| commit | ae4fda663812129df67e3a70691787060242c0f9 (patch) | |
| tree | 7f1b2ec83550b9c79e1b50da727b8204ddeb6593 | |
| parent | cc917fd93d2a836adfd61b91df021cf835e88fd1 (diff) | |
| download | binutils-ae4fda663812129df67e3a70691787060242c0f9.zip binutils-ae4fda663812129df67e3a70691787060242c0f9.tar.gz binutils-ae4fda663812129df67e3a70691787060242c0f9.tar.bz2 | |
bfd: alpha: Fix crash caused by double free with --no-keep-memory
Without this, ld has been seen to crash in libc when freeing tsec_free:
*** Error in `/usr/bin/ld': double free or corruption (!prev): 0x0000000120ceb6a0 ***
_bfd_elf_link_read_relocs will always return the cached value if
present, even if keep_memory is false, therefore setting tsec_free to
NULL only when keep_memory is true is not sufficient.
* elf64-alpha.c (elf64_alpha_relax_opt_call): Don't set tsec_free
if relocs are cached.
| -rw-r--r-- | bfd/ChangeLog | 5 | ||||
| -rw-r--r-- | bfd/elf64-alpha.c | 4 |
2 files changed, 8 insertions, 1 deletions
diff --git a/bfd/ChangeLog b/bfd/ChangeLog index 41d5119..f238d86 100644 --- a/bfd/ChangeLog +++ b/bfd/ChangeLog @@ -1,3 +1,8 @@ +2017-01-04 James Clarke <jrtc27@jrtc27.com> + + * elf64-alpha.c (elf64_alpha_relax_opt_call): Don't set tsec_free + if relocs are cached. + 2017-01-03 Rich Felker <bugdal@aerifal.cx> PR ld/21017 diff --git a/bfd/elf64-alpha.c b/bfd/elf64-alpha.c index 4fa4743..b4a50f4 100644 --- a/bfd/elf64-alpha.c +++ b/bfd/elf64-alpha.c @@ -3215,7 +3215,9 @@ elf64_alpha_relax_opt_call (struct alpha_relax_info *info, bfd_vma symval) if (tsec_relocs == NULL) return 0; tsec_relend = tsec_relocs + info->tsec->reloc_count; - tsec_free = (info->link_info->keep_memory ? NULL : tsec_relocs); + tsec_free = (elf_section_data (info->tsec)->relocs == tsec_relocs + ? NULL + : tsec_relocs); } /* Recover the symbol's offset within the section. */ |