From a894c63dba7019ceb8f6aa2c3cdcef519c65c92d Mon Sep 17 00:00:00 2001
|
|
From: Mark Wielaard <mark@klomp.org>
|
|
Date: Sun, 26 Apr 2020 02:10:41 +0200
|
|
Subject: [PATCH 4/5] libdwfl: Fix double free on failure path in gzip.c.
|
|
|
|
GCC10 -fanalyzer found a double free when openstream failed. When
|
|
openstream fails __libdw_gunzip will call fail, which frees the
|
|
state->buffer. But openstream can call zlib_fail, which will also
|
|
call fail. Instead of calling zlib_fail, just return the error
|
|
that zlib_fail would have returned.
|
|
|
|
Signed-off-by: Mark Wielaard <mark@klomp.org>
|
|
---
|
|
libdwfl/ChangeLog | 5 +++++
|
|
libdwfl/gzip.c | 2 +-
|
|
2 files changed, 6 insertions(+), 1 deletion(-)
|
|
|
|
diff --git a/libdwfl/ChangeLog b/libdwfl/ChangeLog
|
|
index 4ddc9ad..daedaed 100644
|
|
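--- a/libdwfl/ChangeLog
+++ b/libdwfl/ChangeLog
@@ -1,3 +1,8 @@
+2020-04-25 Mark Wielaard <mark@klomp.org>
+
+ * gzip.c (open_stream): Return DWFL_E_NOMEM instead of calling
+ zlib_fail.
+
 2020-04-16 Mark Wielaard <mark@klomp.org>
 
 * find-debuginfo.c (dwfl_standard_find_debuginfo): Initialize bits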
diff --git a/libdwfl/gzip.c b/libdwfl/gzip.c
|
|
index 043d0b6..e9988cc 100644
|
|
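--- a/libdwfl/gzip.c
+++ b/libdwfl/gzip.c
@@ -153,7 +153,7 @@ open_stream (int fd, off_t start_offset, struct unzip_state *state)
 if (unlikely (state->zf == NULL))
 {
 close (d);
- return zlib_fail (state, Z (MEM_ERROR));
+ return DWFL_E_NOMEM;
 }
 
 /* From here on, zlib will close D. */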
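Review bot: The new `return DWFL_E_NOMEM;` in the `state->zf == NULL` branch depends on an unwritten ownership rule: open_stream must leave state untouched on failure because __libdw_gunzip releases it through fail (), and nothing at the site records that. I would add a comment above the return such as `/* Do not call zlib_fail/fail here: the caller frees state on error. */` so a later edit does not reintroduce the double free. As defence in depth, and assuming fail () frees state->buffer without clearing it (its body is not in this hunk), setting `state->buffer = NULL;` after that free would make a repeated call harmless. open_stream's body starts and ends outside the hunk, so its other error returns could not be checked from here.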
--
|
|
1.8.3.1
|
|
|