[binutils-gdb] Avoid double-free with debuginfod

[Tom Tromey <tromey@sourceware.org>]

https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=f96328accde1e6302b62aa880675594618079cb3

commit f96328accde1e6302b62aa880675594618079cb3
Author: Tom Tromey <tromey@adacore.com>
Date:   Tue Dec 6 12:07:12 2022 -0700

    Avoid double-free with debuginfod
    
    PR gdb/29257 points out a possible double free when debuginfod is in
    use.  Aside from some ugly warts in the symbol code (an ongoing
    issue), the underlying issue in this particular case is that elfread.c
    seems to assume that symfile_bfd_open will return NULL on error,
    whereas in reality it throws an exception.  As this code isn't
    prepared for an exception, bad things result.
    
    This patch fixes the problem by introducing a non-throwing variant of
    symfile_bfd_open and using it in the affected places.
    
    Bug: https://sourceware.org/bugzilla/show_bug.cgi?id=29257

Diff:
---
 gdb/elfread.c | 19 ++++++++++---------
 gdb/symfile.c | 17 +++++++++++++++++
 gdb/symfile.h |  5 +++++
 3 files changed, 32 insertions(+), 9 deletions(-)

diff --git a/gdb/elfread.c b/gdb/elfread.c
index 55771492044..0305bf21894 100644
--- a/gdb/elfread.c
+++ b/gdb/elfread.c
@@ -1232,10 +1232,12 @@ elf_symfile_read_dwarf2 (struct objfile *objfile,
 
       if (!debugfile.empty ())
 	{
-	  gdb_bfd_ref_ptr debug_bfd (symfile_bfd_open (debugfile.c_str ()));
+	  gdb_bfd_ref_ptr debug_bfd
+	    (symfile_bfd_open_no_error (debugfile.c_str ()));
 
-	  symbol_file_add_separate (debug_bfd, debugfile.c_str (),
-				    symfile_flags, objfile);
+	  if (debug_bfd != nullptr)
+	    symbol_file_add_separate (debug_bfd, debugfile.c_str (),
+				      symfile_flags, objfile);
 	}
       else
 	{
@@ -1255,13 +1257,12 @@ elf_symfile_read_dwarf2 (struct objfile *objfile,
 	      if (fd.get () >= 0)
 		{
 		  /* File successfully retrieved from server.  */
-		  gdb_bfd_ref_ptr debug_bfd (symfile_bfd_open (symfile_path.get ()));
+		  gdb_bfd_ref_ptr debug_bfd
+		    (symfile_bfd_open_no_error (symfile_path.get ()));
 
-		  if (debug_bfd == nullptr)
-		    warning (_("File \"%s\" from debuginfod cannot be opened as bfd"),
-			     filename);
-		  else if (build_id_verify (debug_bfd.get (), build_id->size,
-					    build_id->data))
+		  if (debug_bfd != nullptr
+		      && build_id_verify (debug_bfd.get (), build_id->size,
+					  build_id->data))
 		    {
 		      symbol_file_add_separate (debug_bfd, symfile_path.get (),
 						symfile_flags, objfile);
diff --git a/gdb/symfile.c b/gdb/symfile.c
index bb9981a4634..8ae2177b159 100644
--- a/gdb/symfile.c
+++ b/gdb/symfile.c
@@ -1769,6 +1769,23 @@ symfile_bfd_open (const char *name)
   return sym_bfd;
 }
 
+/* See symfile.h.  */
+
+gdb_bfd_ref_ptr
+symfile_bfd_open_no_error (const char *name) noexcept
+{
+  try
+    {
+      return symfile_bfd_open (name);
+    }
+  catch (const gdb_exception_error &err)
+    {
+      warning ("%s", err.what ());
+    }
+
+  return nullptr;
+}
+
 /* Return the section index for SECTION_NAME on OBJFILE.  Return -1 if
    the section was not found.  */
 
diff --git a/gdb/symfile.h b/gdb/symfile.h
index b433e2be31a..7c800ea6cf9 100644
--- a/gdb/symfile.h
+++ b/gdb/symfile.h
@@ -276,6 +276,11 @@ extern void set_initial_language (void);
 
 extern gdb_bfd_ref_ptr symfile_bfd_open (const char *);
 
+/* Like symfile_bfd_open, but will not throw an exception on error.
+   Instead, it issues a warning and returns nullptr.  */
+
+extern gdb_bfd_ref_ptr symfile_bfd_open_no_error (const char *) noexcept;
+
 extern int get_section_index (struct objfile *, const char *);
 
 extern int print_symbol_loading_p (int from_tty, int mainline, int full);