From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mga05.intel.com (mga05.intel.com [192.55.52.43]) by sourceware.org (Postfix) with ESMTPS id C26D7382B3C0 for ; Wed, 7 Dec 2022 14:14:57 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.4.1 sourceware.org C26D7382B3C0 Authentication-Results: sourceware.org; dmarc=pass (p=none dis=none) header.from=intel.com Authentication-Results: sourceware.org; spf=pass smtp.mailfrom=intel.com DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1670422497; x=1701958497; h=from:to:cc:subject:date:message-id:mime-version: content-transfer-encoding; bh=4xJA/BqM5BpBCvIHDhazDNdJSiztoIpbCqbKOFnjcQo=; b=WSJ5m09HILgqRFFPdE8r8ES33c3lyb+lpyxjMEV+UVeGjUOxeoy3ikIi b9QYSV6QwhkGWcovdjMA43WhDGs7bp1FI3OkekCjietnRK78NZRdBQVFp t2YfLMn3feME/h0ertEseBvxZYlWOTj3/Oilwt+4s2ZqWONz3kEiDTKfd 35gaDVKdtWoyuTiF+gUbpx5kfaBVH7wXGLDtT1cBCNM/EyHCVQOdk/Dd9 8fj642l4ZoeMAY9unreqNjxOemIOXpx/RH7wAyl4g/i2lCKnfDnDOfkN9 Not2VEbg+i/mivZxO5abe6fIaGY1gVzOYVLX10m43S1qkgqj2iI6IHtCB A==; X-IronPort-AV: E=McAfee;i="6500,9779,10553"; a="403169044" X-IronPort-AV: E=Sophos;i="5.96,225,1665471600"; d="scan'208";a="403169044" Received: from orsmga002.jf.intel.com ([10.7.209.21]) by fmsmga105.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 07 Dec 2022 06:14:56 -0800 X-IronPort-AV: E=McAfee;i="6500,9779,10553"; a="646617921" X-IronPort-AV: E=Sophos;i="5.96,225,1665471600"; d="scan'208";a="646617921" Received: from mulvlfelix.iul.intel.com (HELO localhost) ([172.28.48.92]) by orsmga002-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 07 Dec 2022 06:14:54 -0800 From: Felix Willgerodt To: binutils@sourceware.org Cc: Felix Willgerodt Subject: [PATCH 1/1] libctf: Fix double free in ctf_link_add_cu_mapping. Date: Wed, 7 Dec 2022 15:11:37 +0100 Message-Id: <20221207141137.1527113-1-felix.willgerodt@intel.com> X-Mailer: git-send-email 2.34.3 MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-Spam-Status: No, score=-10.4 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH,DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,GIT_PATCH_0,SPF_HELO_NONE,SPF_NONE,TXREP autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on server2.sourceware.org List-Id: This fixes a potential double free which can occur if we jump to oom_noerrno after the first free. I am not very familiar with libctf, so any comments are welcome. I am wondering if the right solution wouldn't be to free both t and f before the "return 0". But I didn't fully understand the code and saw that other users of ctf_dynhash_insert() also don't free the key manually. libctf/ChangeLog: * ctf-link.c (ctf_link_add_cu_mapping): Adjust freeing logic. --- libctf/ctf-link.c | 2 -- 1 file changed, 2 deletions(-) diff --git a/libctf/ctf-link.c b/libctf/ctf-link.c index 702f2b4d5fe..e59e415eb41 100644 --- a/libctf/ctf-link.c +++ b/libctf/ctf-link.c @@ -430,8 +430,6 @@ ctf_link_add_cu_mapping (ctf_dict_t *fp, const char *from, const char *to) goto oom_noerrno; } } - else - free (t); if (ctf_dynhash_insert (one_out, f, NULL) < 0) { -- 2.34.3 Intel Deutschland GmbH Registered Address: Am Campeon 10, 85579 Neubiberg, Germany Tel: +49 89 99 8853-0, www.intel.de Managing Directors: Christin Eisenschmid, Sharon Heck, Tiffany Doon Silva Chairperson of the Supervisory Board: Nicole Lau Registered Office: Munich Commercial Register: Amtsgericht Muenchen HRB 186928