diff options
| author | Tom Tromey <tromey@adacore.com> | 2020-09-08 10:13:51 -0600 |
|---|---|---|
| committer | Tom Tromey <tromey@adacore.com> | 2020-09-08 10:13:51 -0600 |
| commit | 3cae444768c36314cc4acf80714461cbe0aff4e4 (patch) | |
| tree | f6d3e3bc9d0d949e55585421b8206eb2afe7ddfa /include | |
| parent | 7d81bc937cd3949fc3bed8194646d3a4563f94b2 (diff) | |
| download | binutils-3cae444768c36314cc4acf80714461cbe0aff4e4.zip binutils-3cae444768c36314cc4acf80714461cbe0aff4e4.tar.gz binutils-3cae444768c36314cc4acf80714461cbe0aff4e4.tar.bz2 | |
Avoid hash table corruption in gdb_bfd.c
gdb caches BFDs that come from ordinary files. This code turns out to
have a bug where the hash table can become corrupted, causing gdb to
crash.
When gdb_bfd_open opens the BFD, it uses fstat to get the BFD's mtime.
This is used when inserting the entry into gdb_bfd_cache. Then, the
function creates the gdb_bfd_data object as a side effect of calling
new_reference. This object is used when finding objects in the hash
table, and its constructor uses bfd_get_mtime. So, if the file
changes between the time the BFD is put into the cache and the time
that this object is created, the hash table will be incorrect. When
the BFD is later deleted, its entry in the hash table will not be
found, and at this point the hash table will point to invalid memory.
This patch fixes the bug by ensuring that the mtime, and other
relevant attributes comgin from stat, that are used for insertion are
also used when creating the gdb_bfd_data.
This obsoletes an earlier patch that had split this into two parts
(surrounding a patch to use bfd_stat more consistently). This version
merges the two patches, in the interest of correctness.
gdb/ChangeLog
2020-09-08 Tom Tromey <tromey@adacore.com>
PR win32/25302:
* gdb_bfd.c (gdb_bfd_data): Add "st" parameter.
(gdb_bfd_init_data): New function.
(gdb_bfd_open, gdb_bfd_ref): Use gdb_bfd_init_data.
Diffstat (limited to 'include')
0 files changed, 0 insertions, 0 deletions