From 88c4cce8d28e6be486cb25fbbccf2b42e40da45b Mon Sep 17 00:00:00 2001
From: Tom Tromey <tom@tromey.com>
Date: Tue, 2 Aug 2022 12:01:01 -0600
Subject: Use unique_ptr to destroy per-bfd object

In some cases, the objfile owns the per-bfd object.  This is yet
another object that can sometimes be destroyed before the registry is
destroyed, possibly reslting in a use-after-free.  Also, I noticed
that the condition for deleting the object is not the same as the
condition used to create it -- so it could possibly result in a memory
leak in some situations.  This patch fixes the problem by introducing
a new unique_ptr that holds this object when necessary.
---
 gdb/objfiles.h | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

(limited to 'gdb/objfiles.h')

diff --git a/gdb/objfiles.h b/gdb/objfiles.h
index ac45fa3..16dab0d 100644
--- a/gdb/objfiles.h
+++ b/gdb/objfiles.h
@@ -653,11 +653,16 @@ public:
 
   gdb_bfd_ref_ptr obfd;
 
-  /* The per-BFD data.  Note that this is treated specially if OBFD
-     is NULL.  */
+  /* The per-BFD data.  */
 
   struct objfile_per_bfd_storage *per_bfd = nullptr;
 
+  /* In some cases, the per_bfd object is owned by this objfile and
+     not by the BFD itself.  In this situation, this holds the owning
+     pointer.  */
+
+  std::unique_ptr<objfile_per_bfd_storage> per_bfd_storage;
+
   /* The modification timestamp of the object file, as of the last time
      we read its symbols.  */
 
-- 
cgit v1.1