This is the mail archive of the elfutils-devel@sourceware.org mailing list for the elfutils project.



libebl: Fix allocation of long strings in string table


Hi,

for strings of the right size just below the pagesize, not enough memory 
was allocated, and malloc internals got corrupted, eventually leading to:
$ ./src/writer ./src/dwarflint
*** glibc detected *** ./src/writer: malloc(): memory corruption: 0x0000000013d3e860 ***

Reproducer (run through valgrind to see the invalid writes):

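#include <stdbool.h>
#include <stdio.h>
#include <string.h>
#include "../elfutils/libebl/libebl.h"
int main (void) {
   /* String length just below the page size.  */
   #define X 4032
   char s[X + 1] = {0};
   memset (s, '.', X);
   struct Ebl_Strtab *t = ebl_strtabinit (false);
   /* Adding the long string triggers the invalid writes.  */
   ebl_strtabadd (t, s, 0);
   return 0;
}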

For long strings, the allocation was inefficient because the length of 
the string was used directly, instead of rounding it up to the nearest 
page size.

Both are now fixed on the pmachata/libebl-long-strings branch.  Please 
review.

PM
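
Added example (not part of the original message and not elfutils code): a simplified model of the sizing problem described above, comparing a size policy that uses the request directly with one that counts the bookkeeping header and rounds up to whole pages. The block layout, the function names and the 4096-byte page size are assumptions made for illustration.

```c
/* Added illustration, not elfutils code. All names are hypothetical. */
#include <stddef.h>
#include <stdint.h>

#define PAGE_SIZE 4096u   /* assumed page size for the example */

/* Hypothetical arena block: a header followed by string storage. */
struct block {
    struct block *next;
    char data[];
};

#define HEADER offsetof(struct block, data)

/* Assumed buggy sizing: clamp small requests to one page, use large
   requests as-is, and never account for the block header. */
static size_t block_size_buggy(size_t need)
{
    return need < PAGE_SIZE ? PAGE_SIZE : need;
}

/* Corrected sizing: include the header, then round up to a whole
   number of pages. Returns 0 if the arithmetic would overflow. */
static size_t block_size_fixed(size_t need)
{
    if (need > SIZE_MAX - HEADER - (PAGE_SIZE - 1))
        return 0;
    size_t total = need + HEADER;
    return (total + PAGE_SIZE - 1) / PAGE_SIZE * PAGE_SIZE;
}

/* Bytes actually available for string data in a block of that size. */
static size_t usable(size_t block_size)
{
    return block_size >= HEADER ? block_size - HEADER : 0;
}

/* 1 if a request of `need` bytes fits in the block the policy allocates. */
static int fits(size_t need, size_t (*policy)(size_t))
{
    return usable(policy(need)) >= need;
}
```

In this model, a request one byte below the page size fits only under the corrected policy, which is the case a unit test for such an allocator should pin down.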
