From: Richard Sandiford
To: binutils@sourceware.org
Subject: [20/21] Fix free() of in-use memory when handling archives
Date: Tue, 10 Mar 2009 14:51:00 -0000
In-Reply-To: (Richard Sandiford's message of "Tue\, 10 Mar 2009 13\:58\:06 +0000")

xcoff_link_check_archive_element tries to be a good citizen and free
symbol tables for unneeded archive members. The problem is that it can
be called twice for the same member (if the same library is listed twice
on the command line). The second call can then end up freeing
information that was entered into the hash table by the first call.

OK to install?

Richard

bfd/
	* xcofflink.c (xcoff_link_check_archive_element): Only free the
	symbol table if it was created by the current call.

Index: bfd/xcofflink.c =================================================================== --- bfd/xcofflink.c 2009-03-10 13:54:27.000000000 +0000 +++ bfd/xcofflink.c 2009-03-10 13:54:49.000000000 +0000 @@ -2149,6 +2149,9 @@ xcoff_link_check_archive_element (bfd *a struct bfd_link_info *info, bfd_boolean *pneeded) { + bfd_boolean keep_syms_p; + + keep_syms_p = (obj_coff_external_syms (abfd) != NULL); if (! _bfd_coff_get_external_symbols (abfd)) return FALSE; @@ -2159,9 +2162,11 @@ xcoff_link_check_archive_element (bfd *a { if (! xcoff_link_add_symbols (abfd, info)) return FALSE; + if (info->keep_memory) + keep_syms_p = TRUE; } - if (! info->keep_memory || ! *pneeded) + if (!keep_syms_p) { if (! _bfd_coff_free_symbols (abfd)) return FALSE;
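
Review bot: keep_syms_p is introduced at the top of xcoff_link_check_archive_element (first hunk) with no comment saying what it tracks, and it only works because it is sampled before the `_bfd_coff_get_external_symbols (abfd)` call that follows it. A short comment along the lines of "TRUE if the external symbols were already loaded before this call, so they are not ours to free" would stop a later cleanup from moving the assignment below that call. The declaration and assignment could also be merged into a single initialised declaration.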
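
Review bot: `if (!keep_syms_p)` in the second hunk drops the space after `!` that the surrounding lines use (`if (! xcoff_link_add_symbols (abfd, info))`, `if (! _bfd_coff_free_symbols (abfd))`); write it as `if (! keep_syms_p)` for consistency. The replaced test also named the `! *pneeded` case explicitly, whereas the new one relies on keep_syms_p being set only inside the block that calls xcoff_link_add_symbols, whose guard lies outside the hunk context. A one-line comment at the free site stating the rule (free only a table that this call loaded and that nothing retained) would let a reader check it without the rest of the function.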