This is the mail archive of the binutils@sources.redhat.com mailing list for the binutils project.
Fix objdump -S segfault
- From: Zack Weinberg <zack at codesourcery dot com>
- To: binutils at sources dot redhat dot com
- Date: Wed, 21 Apr 2004 19:55:53 -0700
- Subject: Fix objdump -S segfault
A customer of ours found a case where objdump -S segfaults. I tracked
it to bfd/dwarf2.c::add_line_info, which calls strlen on its
'filename' argument without checking that it's nonnull first. It is
not clear to me whether the debug information is ill-formed if this
happens, but the surrounding code appears to be prepared for not
having a filename, and objdump is a diagnostic tool which should be as
robust as possible in the face of malformed input. Accordingly, I
would suggest fixing it thus.
Unfortunately, I have no test case that is not huge and proprietary.
zw
* bfd/dwarf2.c (add_line_info): Also set info->filename to NULL
if filename argument is null; do not call strlen on a null pointer.
===================================================================
Index: bfd/dwarf2.c
--- bfd/dwarf2.c 26 Nov 2003 05:09:51 -0000 1.1.3.1.2.1
+++ bfd/dwarf2.c 22 Apr 2004 02:30:56 -0000
@@ -896,10 +896,9 @@ add_line_info (table, address, filename,
info->column = column;
info->end_sequence = end_sequence;
- amt = strlen (filename);
- if (amt)
+ if (filename && filename[0])
{
- info->filename = bfd_alloc (table->abfd, amt + 1);
+ info->filename = bfd_alloc (table->abfd, strlen (filename) + 1);
if (info->filename)
strcpy (info->filename, filename);
}
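Review bot: The new test "if (filename && filename[0])" only guards the allocation branch, and the path that handles a NULL or empty filename lies outside the visible context of this hunk. The ChangeLog entry says info->filename is also set to NULL when the filename argument is null, so please confirm that the existing else branch covers both the NULL and the empty-string case. Otherwise info->filename is never assigned on that path and later consumers would read whatever the allocation left there. With "amt = strlen (filename);" removed, also check that amt is still used elsewhere in add_line_info so the change does not leave an unused variable. A one-line comment above the function stating that filename may be NULL would document the contract the new check relies on. Since no reduced test case is available, a small regression input with a line-table entry that has no file name would be worth adding if one can be constructed later.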