* [PATCH] Don't return the main file as the separate debug info
From: H.J. Lu @ 2021-12-10 21:48 UTC (permalink / raw)
To: binutils
On Fedora 35,
$ readelf -d /usr/bin/npc
caused readelf to run out of stack since load_separate_debug_info
returned the input main file as the separate debug info:
(gdb) bt
#0 load_separate_debug_info (
main_filename=main_filename@entry=0x510f50 "/export/home/hjl/.cache/debuginfod_client/dcc33c51c49e7dafc178fdb5cf8bd8946f965295/debuginfo",
xlink=xlink@entry=0x4e5180 <debug_displays+4480>,
parse_func=parse_func@entry=0x431550 <parse_gnu_debuglink>,
check_func=check_func@entry=0x432ae0 <check_gnu_debuglink>,
func_data=func_data@entry=0x7fffffffdb60, file=file@entry=0x51d430)
at /export/gnu/import/git/sources/binutils-gdb/binutils/dwarf.c:11057
#1 0x000000000043328d in check_for_and_load_links (file=0x51d430,
filename=0x510f50 "/export/home/hjl/.cache/debuginfod_client/dcc33c51c49e7dafc178fdb5cf8bd8946f965295/debuginfo")
at /export/gnu/import/git/sources/binutils-gdb/binutils/dwarf.c:11381
#2 0x00000000004332ae in check_for_and_load_links (file=0x51b070,
filename=0x518dd0 "/export/home/hjl/.cache/debuginfod_client/dcc33c51c49e7dafc178fdb5cf8bd8946f965295/debuginfo")
Return NULL if the separate debug info is the same as the input main
file to avoid infinite recursion.
PR binutils/28679
* dwarf.c (load_separate_debug_info): Don't return the input
main file.
---
binutils/dwarf.c | 16 +++++++++++++++-
1 file changed, 15 insertions(+), 1 deletion(-)
diff --git a/binutils/dwarf.c b/binutils/dwarf.c
index 6497e541063..3fe7abd79ba 100644
--- a/binutils/dwarf.c
+++ b/binutils/dwarf.c
@@ -11053,6 +11053,9 @@ load_separate_debug_info (const char * main_filename,
char * canon_dir;
size_t canon_dirlen;
size_t dirlen;
+ char * canon_filename;
+ char * canon_debug_filename;
+ bool self;
if ((separate_filename = parse_func (xlink, func_data)) == NULL)
{
@@ -11064,7 +11067,8 @@ load_separate_debug_info (const char * main_filename,
/* Attempt to locate the separate file.
This should duplicate the logic in bfd/opncls.c:find_separate_debug_file(). */
- canon_dir = lrealpath (main_filename);
+ canon_filename = lrealpath (main_filename);
+ canon_dir = xstrdup (canon_filename);
for (canon_dirlen = strlen (canon_dir); canon_dirlen > 0; canon_dirlen--)
if (IS_DIR_SEPARATOR (canon_dir[canon_dirlen - 1]))
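Review bot: canon_filename, introduced at `canon_filename = lrealpath (main_filename);`, is a second heap allocation that is freed only in the `found:` block of the last hunk. None of the three hunks touches the `return NULL` paths between this point and `found:`, so each of them now leaks it. Add `free (canon_filename);` beside the existing `free (canon_dir);` on those paths, or route them through one cleanup label.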
@@ -11219,6 +11223,16 @@ load_separate_debug_info (const char * main_filename,
found:
free (canon_dir);
+ canon_debug_filename = lrealpath (debug_filename);
+ self = strcmp (canon_debug_filename, canon_filename) == 0;
+ free (canon_filename);
+ free (canon_debug_filename);
+ if (self)
+ {
+ free (debug_filename);
+ return NULL;
+ }
+
void * debug_handle;
/* Now open the file.... */
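Review bot: The `strcmp (canon_debug_filename, canon_filename) == 0` test after `found:` only rejects a link that resolves to the canonical path of the file currently being processed. The backtrace in the commit message shows check_for_and_load_links recursing on the file this function returns, so as far as these lines show, two files whose links point at each other would pass the test at every step and still recurse. Consider a depth limit or a record of already-visited canonical paths in the caller in addition to this check.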
--
2.33.1
* Re: [PATCH] Don't return the main file as the separate debug info
From: Alan Modra @ 2021-12-11 0:11 UTC (permalink / raw)
To: H.J. Lu; +Cc: binutils, Nick Clifton
On Fri, Dec 10, 2021 at 01:48:39PM -0800, H.J. Lu wrote:
> Return NULL if the separate debug info is the same as the input main
> file to avoid infinite recursion.
Your backtrace says it's actually the separate debug info file
pointing to itself, not to the main file.
> PR binutils/28679
> * dwarf.c (load_separate_debug_info): Don't return the input
> main file.
You missed two places where canon_filename should be freed when
returning NULL. OK with those fixed.
--
Alan Modra
Australia Development Lab, IBM
* Re: [PATCH] Don't return the main file as the separate debug info
From: H.J. Lu @ 2021-12-11 0:31 UTC (permalink / raw)
To: Alan Modra; +Cc: Binutils, Nick Clifton
[-- Attachment #1: Type: text/plain, Size: 757 bytes --]
On Fri, Dec 10, 2021 at 4:11 PM Alan Modra <amodra@gmail.com> wrote:
>
> On Fri, Dec 10, 2021 at 01:48:39PM -0800, H.J. Lu wrote:
> > Return NULL if the separate debug info is the same as the input main
> > file to avoid infinite recursion.
>
> Your backtrace says it's actually the separate debug info file
> pointing to itself, not to the main file.
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=2031278
>
> > PR binutils/28679
> > * dwarf.c (load_separate_debug_info): Don't return the input
> > main file.
>
> You missed two places where canon_filename should be freed when
> returning NULL. OK with those fixed.
>
> --
> Alan Modra
> Australia Development Lab, IBM
Here is the v2 patch I am checking in.
Thanks.
--
H.J.
[-- Attachment #2: v2-0001-Don-t-return-the-main-file-as-the-separate-debug-.patch --]
[-- Type: text/x-patch, Size: 3354 bytes --]
From 85fa72d8329d665ec1a43373fd00992b75f1d99e Mon Sep 17 00:00:00 2001
From: "H.J. Lu" <hjl.tools@gmail.com>
Date: Fri, 10 Dec 2021 13:34:22 -0800
Subject: [PATCH v2] Don't return the main file as the separate debug info
On Fedora 35,
$ readelf -d /usr/bin/npc
caused readelf to run out of stack since load_separate_debug_info
returned the input main file as the separate debug info:
(gdb) bt
#0 load_separate_debug_info (
main_filename=main_filename@entry=0x510f50 "/export/home/hjl/.cache/debuginfod_client/dcc33c51c49e7dafc178fdb5cf8bd8946f965295/debuginfo",
xlink=xlink@entry=0x4e5180 <debug_displays+4480>,
parse_func=parse_func@entry=0x431550 <parse_gnu_debuglink>,
check_func=check_func@entry=0x432ae0 <check_gnu_debuglink>,
func_data=func_data@entry=0x7fffffffdb60, file=file@entry=0x51d430)
at /export/gnu/import/git/sources/binutils-gdb/binutils/dwarf.c:11057
#1 0x000000000043328d in check_for_and_load_links (file=0x51d430,
filename=0x510f50 "/export/home/hjl/.cache/debuginfod_client/dcc33c51c49e7dafc178fdb5cf8bd8946f965295/debuginfo")
at /export/gnu/import/git/sources/binutils-gdb/binutils/dwarf.c:11381
#2 0x00000000004332ae in check_for_and_load_links (file=0x51b070,
filename=0x518dd0 "/export/home/hjl/.cache/debuginfod_client/dcc33c51c49e7dafc178fdb5cf8bd8946f965295/debuginfo")
Return NULL if the separate debug info is the same as the input main
file to avoid infinite recursion.
PR binutils/28679
* dwarf.c (load_separate_debug_info): Don't return the input
main file.
---
binutils/dwarf.c | 18 +++++++++++++++++-
1 file changed, 17 insertions(+), 1 deletion(-)
diff --git a/binutils/dwarf.c b/binutils/dwarf.c
index 6497e541063..eeef98d4a18 100644
--- a/binutils/dwarf.c
+++ b/binutils/dwarf.c
@@ -11053,6 +11053,9 @@ load_separate_debug_info (const char * main_filename,
char * canon_dir;
size_t canon_dirlen;
size_t dirlen;
+ char * canon_filename;
+ char * canon_debug_filename;
+ bool self;
if ((separate_filename = parse_func (xlink, func_data)) == NULL)
{
@@ -11064,7 +11067,8 @@ load_separate_debug_info (const char * main_filename,
/* Attempt to locate the separate file.
This should duplicate the logic in bfd/opncls.c:find_separate_debug_file(). */
- canon_dir = lrealpath (main_filename);
+ canon_filename = lrealpath (main_filename);
+ canon_dir = xstrdup (canon_filename);
for (canon_dirlen = strlen (canon_dir); canon_dirlen > 0; canon_dirlen--)
if (IS_DIR_SEPARATOR (canon_dir[canon_dirlen - 1]))
@@ -11096,6 +11100,7 @@ load_separate_debug_info (const char * main_filename,
{
warn (_("Out of memory"));
free (canon_dir);
+ free (canon_filename);
return NULL;
}
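Review bot: The cleanup in the out-of-memory branch is now written out by hand (`free (canon_dir);` then `free (canon_filename);`), and the same pair is repeated on the not-found path in the next hunk. A single failure label that frees both and returns NULL, reached with goto from each failing branch, would keep a later allocation from being missed on one of the exits, which is the omission the review of the first version pointed out.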
@@ -11214,11 +11219,22 @@ load_separate_debug_info (const char * main_filename,
free (canon_dir);
free (debug_filename);
+ free (canon_filename);
return NULL;
found:
free (canon_dir);
+ canon_debug_filename = lrealpath (debug_filename);
+ self = strcmp (canon_debug_filename, canon_filename) == 0;
+ free (canon_filename);
+ free (canon_debug_filename);
+ if (self)
+ {
+ free (debug_filename);
+ return NULL;
+ }
+
void * debug_handle;
/* Now open the file.... */
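Review bot: The self-reference check after `found:` has no comment and returns NULL without a message, so a reader sees a file that was just located being discarded with no stated reason. Add a short comment above `canon_debug_filename = lrealpath (debug_filename);` saying that it rejects a debug link resolving to the file being processed, to stop the recursion reported in PR binutils/28679. The ChangeLog text "Don't return the input main file" should use the same wording as that comment, given the review remark that the backtrace shows a debug info file pointing to itself.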
--
2.33.1