* Re: comdat_hash memory leaks
@ 2023-08-28 13:41 Alan Modra
0 siblings, 0 replies; 2+ messages in thread
From: Alan Modra @ 2023-08-28 13:41 UTC (permalink / raw)
To: binutils
I missed another field that needs freeing. Also, oss-fuzz found a
case with a C_FILE sym using multiple auxents for a long file name
which overflowed the single auxent buffer. I'm going to fix that
problem in swap_aux_in too, but we may as well avoid it here too,
saving unnecessary work.
* coffcode.h (comdat_delf): Free comdat_name.
(fill_comdat_hash): Only look at symbols with one auxent.
diff --git a/bfd/coffcode.h b/bfd/coffcode.h
index 03c1788a1c9..908dc93c64a 100644
--- a/bfd/coffcode.h
+++ b/bfd/coffcode.h
@@ -872,6 +872,7 @@ static void
comdat_delf (void *ent)
{
struct comdat_hash_entry *e = ent;
+ free (e->comdat_name);
free (e->symname);
free (e);
}
@@ -964,7 +965,7 @@ fill_comdat_hash (bfd *abfd)
if (*slot == NULL)
{
- if (isym.n_numaux == 0)
+ if (isym.n_numaux != 1)
aux.x_scn.x_comdat = 0;
else
{
--
Alan Modra
Australia Development Lab, IBM
^ permalink raw reply [flat|nested] 2+ messages in thread
* comdat_hash memory leaks
@ 2023-08-27 4:48 Alan Modra
0 siblings, 0 replies; 2+ messages in thread
From: Alan Modra @ 2023-08-27 4:48 UTC (permalink / raw)
To: binutils
Entries added to the hash table with bfd_malloc ought to be freed when
the hash table is deleted. This patch adds the necessary del_f to the
htab_create call, and delays creating the table until an
IMAGE_SCN_LNK_COMDAT symbol is read.
* peicode.h (pe_mkobject): Move comdat_hash creation..
(htab_hash_flags, htab_eq_flags): ..and these support functions..
* coffcode.h (handle_COMDAT): ..to here, renaming support to
(comdat_hashf, comdat_eqf): ..this and adding..
(comdat_delf): ..this new function.
diff --git a/bfd/coffcode.h b/bfd/coffcode.h
index 2d40c5cfcac..03c1788a1c9 100644
--- a/bfd/coffcode.h
+++ b/bfd/coffcode.h
@@ -853,6 +853,29 @@ styp_to_sec_flags (bfd *abfd,
#else /* COFF_WITH_PE */
+static hashval_t
+comdat_hashf (const void *entry)
+{
+ const struct comdat_hash_entry *fe = entry;
+ return fe->target_index;
+}
+
+static int
+comdat_eqf (const void *e1, const void *e2)
+{
+ const struct comdat_hash_entry *fe1 = e1;
+ const struct comdat_hash_entry *fe2 = e2;
+ return fe1->target_index == fe2->target_index;
+}
+
+static void
+comdat_delf (void *ent)
+{
+ struct comdat_hash_entry *e = ent;
+ free (e->symname);
+ free (e);
+}
+
static struct comdat_hash_entry *
find_flags (htab_t comdat_hash, int target_index)
{
@@ -1085,6 +1108,14 @@ static bool
handle_COMDAT (bfd *abfd, flagword *sec_flags, const char *name,
asection *section)
{
+ if (pe_data (abfd)->comdat_hash == NULL)
+ {
+ pe_data (abfd)->comdat_hash = htab_create (10, comdat_hashf, comdat_eqf,
+ comdat_delf);
+ if (pe_data (abfd)->comdat_hash == NULL)
+ return false;
+ }
+
if (htab_elements (pe_data (abfd)->comdat_hash) == 0)
if (! fill_comdat_hash (abfd))
return false;
diff --git a/bfd/peicode.h b/bfd/peicode.h
index e1d06606575..1ff13b0313d 100644
--- a/bfd/peicode.h
+++ b/bfd/peicode.h
@@ -255,21 +255,6 @@ coff_swap_scnhdr_in (bfd * abfd, void * ext, void * in)
#endif
}
-static hashval_t
-htab_hash_flags (const void *entry)
-{
- const struct comdat_hash_entry *fe = entry;
- return fe->target_index;
-}
-
-static int
-htab_eq_flags (const void *e1, const void *e2)
-{
- const struct comdat_hash_entry *fe1 = e1;
- const struct comdat_hash_entry *fe2 = e2;
- return fe1->target_index == fe2->target_index;
-}
-
static bool
pe_mkobject (bfd * abfd)
{
@@ -306,8 +291,6 @@ pe_mkobject (bfd * abfd)
pe->dos_message[14] = 0x24;
pe->dos_message[15] = 0x0;
- pe->comdat_hash = htab_create (10, htab_hash_flags, htab_eq_flags, NULL);
-
memset (& pe->pe_opthdr, 0, sizeof pe->pe_opthdr);
bfd_coff_long_section_names (abfd)
--
Alan Modra
Australia Development Lab, IBM
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2023-08-28 13:41 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2023-08-28 13:41 comdat_hash memory leaks Alan Modra
-- strict thread matches above, loose matches on Subject: below --
2023-08-27 4:48 Alan Modra
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).