Re: Statically identified memory leaks in ld
- From: Nick Clifton <nickc at redhat dot com>
- To: dlheine at suif dot Stanford dot EDU
- Cc: binutils at sources dot redhat dot com
- Date: 31 Mar 2003 19:11:06 +0100
- Subject: Re: Statically identified memory leaks in ld
- References: <20030324190845.GA6625@carpathia.Stanford.EDU>
Hi David,
> Using a static analysis tool "Clouseau" built as part of my
> research, I have identified a number of potential memory leaks in ld
> and the libraries it uses.
Thanks very much for doing this analysis.
> 1) aout.h has some code that allocates memory with "bfd_alloc"
> and can free it with "free". This would seem to be a problem.
Fixed by using bfd_malloc().
> 2) _bfd_elf_slurp_version_tables has code that frees memory only
> when it is NULL.
This was a bug and your fix was appropriate.
> 2003-03-24 David Heine <dlheine at suif dot stanford,edu>
>
> * bfd/aoutx.h : Do not free memory allocated with bfd_alloc
> * bfd/dwarf2.c : Fix leaks
> * bfd/elf-eh-frame.c : same
> * bfd/elf.c : Fix leaks and NULL free
> * bfd/elflink.h : Fix leaks
> * bfd/format.c : same
> * bfd/linker.c : same
> * bfd/opncls.c : same
> * bfd/simple.c : same
> * ld/ldfile.c : same
> * ld/ldlang.c : same
> * ld/ldmain.c : same
> * ld/ldmisc.c : same
> * ld/lexsup.c : same
I have applied a slight variation of your patch as shown below.
DJ has already mentioned that the libiberty portions of your patch
should be sent to a separate mailing list.
Cheers
Nick
bfd/ChangeLog
2003-03-31 David Heine <dlheine at suif dot stanford dot edu>
* aoutx.h (aout_link_hash_table_create): Use bfd_malloc instead of
bfd_alloc.
* dwarf2.c (concat_filename): Always allocate space for the
returned filename.
(decode_line_info): Free the allocated filename returned by
concat_filename.
* elf-eh-frame.c (bfd_elf_write_section_eh_frame): Fix memory leaks.
* elf.c (copy_private_bfd_data): Likewise.
(_bfd_elf_slurp_version_tables): Fix bug freeing contents pointer.
* elflink.h (elf_link_sort_relocs): Fix memory leak.
* format.c (bfd_check_format_matches): Likewise.
* linker.c (bfd_generic_final_link): Likewise.
* opncls.c (find_separate_debug_info): Likewise.
* simple.c (bfd_simple_get_relocated_section_contents): Likewise.
ld/ChangeLog
2003-03-31 David Heine <dlheine at suif dot stanford dot edu>
* ldfile.c (ldfile_add_library_path): Always allocate space for
the filename.
* ldlang.c (lang_register_vers_node): Free the node if it cannot
be used.
* ldmain.c (set_scripts_dir): Always free the constructed
directory name.
(add_keepsyms_file): Fix memory leak.
* ldmisc.c (vfinfo): Likewise.
* lexsup.c (parse_args): Likewise
Index: aoutx.h
===================================================================
RCS file: /cvs/src/src/bfd/aoutx.h,v
retrieving revision 1.39
diff -c -3 -p -w -r1.39 aoutx.h
*** aoutx.h 31 Dec 2002 07:29:25 -0000 1.39
--- aoutx.h 31 Mar 2003 17:22:53 -0000
*************** NAME(aout,link_hash_table_create) (abfd)
*** 3067,3075 ****
struct aout_link_hash_table *ret;
bfd_size_type amt = sizeof (struct aout_link_hash_table);
! ret = (struct aout_link_hash_table *) bfd_alloc (abfd, amt);
if (ret == NULL)
return (struct bfd_link_hash_table *) NULL;
if (! NAME(aout,link_hash_table_init) (ret, abfd,
NAME(aout,link_hash_newfunc)))
{
--- 3065,3074 ----
struct aout_link_hash_table *ret;
bfd_size_type amt = sizeof (struct aout_link_hash_table);
! ret = (struct aout_link_hash_table *) bfd_malloc (amt);
if (ret == NULL)
return (struct bfd_link_hash_table *) NULL;
if (! NAME(aout,link_hash_table_init) (ret, abfd,
NAME(aout,link_hash_newfunc)))
{
Index: dwarf2.c
===================================================================
RCS file: /cvs/src/src/bfd/dwarf2.c,v
retrieving revision 1.42
diff -c -3 -p -w -r1.42 dwarf2.c
*** dwarf2.c 12 Dec 2002 10:26:01 -0000 1.42
--- dwarf2.c 31 Mar 2003 17:23:12 -0000
*************** add_line_info (table, address, filename,
*** 911,916 ****
--- 911,919 ----
info->end_sequence = end_sequence;
}
+ /* Extract a fully qualified filename from a line info table.
+ The returned string has been xmalloc'ed. */
+
static char *
concat_filename (table, file)
struct line_info_table* table;
*************** concat_filename (table, file)
*** 922,933 ****
{
(*_bfd_error_handler)
(_("Dwarf Error: mangled line number section (bad file number)."));
! return "<unknown>";
}
filename = table->files[file - 1].name;
if (IS_ABSOLUTE_PATH(filename))
! return filename;
else
{
char* dirname = (table->files[file - 1].dir
--- 925,937 ----
{
(*_bfd_error_handler)
(_("Dwarf Error: mangled line number section (bad file number)."));
! return concat ("<unknown>");
}
filename = table->files[file - 1].name;
+
if (IS_ABSOLUTE_PATH (filename))
! return concat (filename);
else
{
char* dirname = (table->files[file - 1].dir
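Review bot: The new single-argument calls `concat ("<unknown>")` and `concat (filename)` have no terminating NULL, unlike `concat (dirname, "/", filename, NULL)` in the next concat_filename hunk. libiberty's concat is variadic and stops at the first NULL argument, so these calls read past their argument list, which is undefined behaviour and can copy unrelated memory into the returned name. Either terminate them, `return concat (filename, NULL);`, or use `return xstrdup (filename);`, which keeps the "xmalloc'ed" contract stated in the new comment. The same applies to the `dirname == NULL` branch in the following hunk (new lines 941-949).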
*************** concat_filename (table, file)
*** 937,945 ****
/* Not all tools set DW_AT_comp_dir, so dirname may be unknown. The
best we can do is return the filename part. */
if (dirname == NULL)
! return filename;
else
! return (char*) concat (dirname, "/", filename, NULL);
}
}
--- 941,949 ----
/* Not all tools set DW_AT_comp_dir, so dirname may be unknown. The
best we can do is return the filename part. */
if (dirname == NULL)
! return concat (filename);
else
! return concat (dirname, "/", filename, NULL);
}
}
*************** decode_line_info (unit, stash)
*** 1272,1277 ****
--- 1276,1282 ----
based, the references are 1 based. */
file = read_unsigned_leb128 (abfd, line_ptr, &bytes_read);
line_ptr += bytes_read;
+ free (filename);
filename = concat_filename (table, file);
break;
}
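Review bot: The `free (filename);` added before the reassignment is only safe if nothing still holds the old pointer, and the hunk does not show that. The first dwarf2.c hunk shows `filename` being passed to add_line_info, whose body is outside the visible hunks. If it stores the pointer in the line table instead of copying the string, every earlier table entry is left dangling by this free, and by the `free (filename);` at the end of the loop in the next hunk. Confirm that add_line_info copies the name, or make it copy into the table's own storage. Also check that `filename` is initialised to NULL or to an allocated string before its first free.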
*************** decode_line_info (unit, stash)
*** 1305,1310 ****
--- 1311,1318 ----
}
}
}
+
+ free (filename);
}
return table;
Index: elf-eh-frame.c
===================================================================
RCS file: /cvs/src/src/bfd/elf-eh-frame.c,v
retrieving revision 1.22
diff -c -3 -p -w -r1.22 elf-eh-frame.c
*** elf-eh-frame.c 6 Feb 2003 23:01:04 -0000 1.22
--- elf-eh-frame.c 31 Mar 2003 17:23:13 -0000
*************** _bfd_elf_write_section_eh_frame_hdr (abf
*** 1125,1130 ****
--- 1125,1131 ----
bfd_byte *contents;
asection *eh_frame_sec;
bfd_size_type size;
+ bfd_boolean retval;
htab = elf_hash_table (info);
hdr_info = &htab->eh_info;
*************** _bfd_elf_write_section_eh_frame_hdr (abf
*** 1141,1155 ****
eh_frame_sec = bfd_get_section_by_name (abfd, ".eh_frame");
if (eh_frame_sec == NULL)
return FALSE;
memset (contents, 0, EH_FRAME_HDR_SIZE);
! contents[0] = 1; /* Version */
! contents[1] = DW_EH_PE_pcrel | DW_EH_PE_sdata4; /* .eh_frame offset */
if (hdr_info->array && hdr_info->array_count == hdr_info->fde_count)
{
! contents[2] = DW_EH_PE_udata4; /* FDE count encoding */
! contents[3] = DW_EH_PE_datarel | DW_EH_PE_sdata4; /* search table enc */
}
else
{
--- 1142,1159 ----
eh_frame_sec = bfd_get_section_by_name (abfd, ".eh_frame");
if (eh_frame_sec == NULL)
+ {
+ free (contents);
return FALSE;
+ }
memset (contents, 0, EH_FRAME_HDR_SIZE);
! contents[0] = 1; /* Version. */
! contents[1] = DW_EH_PE_pcrel | DW_EH_PE_sdata4; /* .eh_frame offset. */
if (hdr_info->array && hdr_info->array_count == hdr_info->fde_count)
{
! contents[2] = DW_EH_PE_udata4; /* FDE count encoding. */
! contents[3] = DW_EH_PE_datarel | DW_EH_PE_sdata4; /* Search table enc. */
}
else
{
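Review bot: The bfd/ChangeLog entry for this file names `bfd_elf_write_section_eh_frame`, but the hunk headers show the edits are in the function beginning `_bfd_elf_write_section_eh_frame_hdr`. Correct the entry so the leak fix can be found by function name. The allocation of `contents` is above the hunk, so whether any other early return between it and this point also needs `free (contents);` cannot be checked from here.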
*************** _bfd_elf_write_section_eh_frame_hdr (abf
*** 1177,1183 ****
}
}
! return bfd_set_section_contents (abfd, sec->output_section,
contents, (file_ptr) sec->output_offset,
sec->_cooked_size);
}
--- 1181,1189 ----
}
}
! retval = bfd_set_section_contents (abfd, sec->output_section,
contents, (file_ptr) sec->output_offset,
sec->_cooked_size);
+ free (contents);
+ return retval;
}
Index: elf.c
===================================================================
RCS file: /cvs/src/src/bfd/elf.c,v
retrieving revision 1.180
diff -c -3 -p -w -r1.180 elf.c
*** elf.c 24 Feb 2003 18:07:22 -0000 1.180
--- elf.c 31 Mar 2003 17:23:20 -0000
*************** copy_private_bfd_data (ibfd, obfd)
*** 5068,5074 ****
--- 5068,5077 ----
amt += ((bfd_size_type) section_count - 1) * sizeof (asection *);
map = (struct elf_segment_map *) bfd_alloc (obfd, amt);
if (map == NULL)
+ {
+ free (sections);
return FALSE;
+ }
/* Initialise the fields of the segment map. Set the physical
physical address to the LMA of the first section that has
*************** swap_out_syms (abfd, sttp, relocatable_p
*** 5303,5309 ****
--- 5306,5315 ----
amt = (bfd_size_type) (1 + symcount) * bed->s->sizeof_sym;
outbound_syms = bfd_alloc (abfd, amt);
if (outbound_syms == NULL)
+ {
+ _bfd_stringtab_free (stt);
return FALSE;
+ }
symtab_hdr->contents = (PTR) outbound_syms;
outbound_shndx = NULL;
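Review bot: The four `_bfd_stringtab_free (stt);` additions in this and the following hunks are in swap_out_syms, which the bfd/ChangeLog entry for elf.c does not list; it names only copy_private_bfd_data and _bfd_elf_slurp_version_tables. Add a line such as `(swap_out_syms): Free the string table on error paths.` The function body runs outside these hunks, so any other `return FALSE` between the creation of `stt` and the final hand-off should be checked for the same cleanup.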
*************** swap_out_syms (abfd, sttp, relocatable_p
*** 5313,5319 ****
--- 5319,5329 ----
amt = (bfd_size_type) (1 + symcount) * sizeof (Elf_External_Sym_Shndx);
outbound_shndx = bfd_zalloc (abfd, amt);
if (outbound_shndx == NULL)
+ {
+ _bfd_stringtab_free (stt);
return FALSE;
+ }
+
symtab_shndx_hdr->contents = outbound_shndx;
symtab_shndx_hdr->sh_type = SHT_SYMTAB_SHNDX;
symtab_shndx_hdr->sh_size = amt;
*************** swap_out_syms (abfd, sttp, relocatable_p
*** 5357,5364 ****
--- 5367,5377 ----
syms[idx]->name,
TRUE, FALSE);
if (sym.st_name == (unsigned long) -1)
+ {
+ _bfd_stringtab_free (stt);
return FALSE;
}
+ }
type_ptr = elf_symbol_from (abfd, syms[idx]);
*************** Unable to find equivalent output section
*** 5446,5451 ****
--- 5459,5465 ----
syms[idx]->name ? syms[idx]->name : "<Local sym>",
sec->name);
bfd_set_error (bfd_error_invalid_operation);
+ _bfd_stringtab_free (stt);
return FALSE;
}
*************** _bfd_elf_slurp_version_tables (abfd)
*** 5906,5912 ****
return TRUE;
error_return:
! if (contents == NULL)
free (contents);
return FALSE;
}
--- 5920,5926 ----
return TRUE;
error_return:
! if (contents != NULL)
free (contents);
return FALSE;
}
Index: elflink.h
===================================================================
RCS file: /cvs/src/src/bfd/elflink.h,v
retrieving revision 1.210
diff -c -3 -p -w -r1.210 elflink.h
*** elflink.h 29 Mar 2003 01:26:33 -0000 1.210
--- elflink.h 31 Mar 2003 17:23:34 -0000
*************** elf_link_sort_relocs (abfd, info, psec)
*** 4855,4860 ****
--- 4855,4861 ----
}
}
+ free (sort);
*psec = reldyn;
return ret;
}
Index: format.c
===================================================================
RCS file: /cvs/src/src/bfd/format.c,v
retrieving revision 1.12
diff -c -3 -p -w -r1.12 format.c
*** format.c 14 Feb 2003 11:16:09 -0000 1.12
--- format.c 31 Mar 2003 17:23:34 -0000
*************** bfd_check_format_matches (abfd, format,
*** 163,169 ****
--- 163,173 ----
if (!abfd->target_defaulted)
{
if (bfd_seek (abfd, (file_ptr) 0, SEEK_SET) != 0) /* rewind! */
+ {
+ if (matching)
+ free ((PTR) matching_vector);
return FALSE;
+ }
right_targ = BFD_SEND_FMT (abfd, _bfd_check_format, (abfd));
*************** bfd_check_format_matches (abfd, format,
*** 214,220 ****
--- 218,228 ----
abfd->xvec = *target; /* Change BFD's target temporarily. */
if (bfd_seek (abfd, (file_ptr) 0, SEEK_SET) != 0)
+ {
+ if (matching)
+ free ((PTR) matching_vector);
return FALSE;
+ }
/* If _bfd_check_format neglects to set bfd_error, assume
bfd_error_wrong_format. We didn't used to even pay any
Index: linker.c
===================================================================
RCS file: /cvs/src/src/bfd/linker.c,v
retrieving revision 1.29
diff -c -3 -p -w -r1.29 linker.c
*** linker.c 20 Dec 2002 22:41:13 -0000 1.29
--- linker.c 31 Mar 2003 17:23:37 -0000
*************** _bfd_generic_final_link (abfd, info)
*** 2081,2092 ****
input_section,
relocs,
symbols);
if (reloc_count < 0)
return FALSE;
BFD_ASSERT ((unsigned long) reloc_count
== input_section->reloc_count);
o->reloc_count += reloc_count;
- free (relocs);
}
}
if (o->reloc_count > 0)
--- 2081,2092 ----
input_section,
relocs,
symbols);
+ free (relocs);
if (reloc_count < 0)
return FALSE;
BFD_ASSERT ((unsigned long) reloc_count
== input_section->reloc_count);
o->reloc_count += reloc_count;
}
}
if (o->reloc_count > 0)
Index: opncls.c
===================================================================
RCS file: /cvs/src/src/bfd/opncls.c,v
retrieving revision 1.14
diff -c -3 -p -w -r1.14 opncls.c
*** opncls.c 31 Jan 2003 10:04:16 -0000 1.14
--- opncls.c 31 Mar 2003 17:23:38 -0000
*************** find_separate_debug_file (abfd, debug_fi
*** 931,938 ****
basename = get_debug_link_info (abfd, & crc32);
! if (basename == NULL || strlen (basename) < 1)
return NULL;
dir = xstrdup (abfd->filename);
BFD_ASSERT (strlen (dir) != 0);
--- 931,943 ----
basename = get_debug_link_info (abfd, & crc32);
! if (basename == NULL)
return NULL;
+ if (strlen (basename) < 1)
+ {
+ free (basename);
+ return NULL;
+ }
dir = xstrdup (abfd->filename);
BFD_ASSERT (strlen (dir) != 0);
Index: simple.c
===================================================================
RCS file: /cvs/src/src/bfd/simple.c,v
retrieving revision 1.5
diff -c -3 -p -w -r1.5 simple.c
*** simple.c 30 Nov 2002 08:39:40 -0000 1.5
--- simple.c 31 Mar 2003 17:23:38 -0000
*************** bfd_simple_get_relocated_section_content
*** 135,141 ****
struct bfd_link_order link_order;
struct bfd_link_callbacks callbacks;
bfd_byte *contents, *data;
! int storage_needed, number_of_symbols;
asymbol **symbol_table;
if (! (sec->flags & SEC_RELOC))
--- 135,141 ----
struct bfd_link_order link_order;
struct bfd_link_callbacks callbacks;
bfd_byte *contents, *data;
! int storage_needed;
asymbol **symbol_table;
if (! (sec->flags & SEC_RELOC))
*************** bfd_simple_get_relocated_section_content
*** 187,193 ****
storage_needed = bfd_get_symtab_upper_bound (abfd);
symbol_table = (asymbol **) bfd_malloc (storage_needed);
! number_of_symbols = bfd_canonicalize_symtab (abfd, symbol_table);
contents = bfd_get_relocated_section_contents (abfd,
&link_info,
--- 187,193 ----
storage_needed = bfd_get_symtab_upper_bound (abfd);
symbol_table = (asymbol **) bfd_malloc (storage_needed);
! bfd_canonicalize_symtab (abfd, symbol_table);
contents = bfd_get_relocated_section_contents (abfd,
&link_info,
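Review bot: None of the three calls in this new-side sequence is checked, and the change now discards the return value of bfd_canonicalize_symtab outright. `storage_needed` is a signed `int` holding the result of bfd_get_symtab_upper_bound, which reports failure as a negative value, and it goes straight into `bfd_malloc (storage_needed)`. The unchecked `symbol_table` is then written through by bfd_canonicalize_symtab. A malformed or truncated input file can therefore cause an oversized allocation request or a NULL write here. Test `storage_needed < 0`, `symbol_table == NULL` and `bfd_canonicalize_symtab (abfd, symbol_table) < 0`, and send each failure through the cleanup at the end of the function (which lies partly outside this hunk) so that `link_info.hash` and `symbol_table` are still released.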
*************** bfd_simple_get_relocated_section_content
*** 208,212 ****
--- 208,213 ----
bfd_link_hash_table_free (abfd, link_info.hash);
+ free (symbol_table);
return contents;
}
Index: ldfile.c
===================================================================
RCS file: /cvs/src/src/ld/ldfile.c,v
retrieving revision 1.28
diff -c -3 -p -w -r1.28 ldfile.c
*** ldfile.c 25 Mar 2003 10:29:28 -0000 1.28
--- ldfile.c 31 Mar 2003 17:49:17 -0000
*************** is_sysrooted_pathname (name, notsame)
*** 106,137 ****
return result;
}
void
ldfile_add_library_path (name, cmdline)
const char *name;
bfd_boolean cmdline;
{
search_dirs_type *new;
if (!cmdline && config.only_cmd_line_lib_dirs)
return;
new = (search_dirs_type *) xmalloc (sizeof (search_dirs_type));
new->next = NULL;
- new->name = name;
new->cmdline = cmdline;
*search_tail_ptr = new;
search_tail_ptr = &new->next;
/* If a directory is marked as honoring sysroot, prepend the sysroot path
now. */
! if (new->name[0] == '=')
{
! new->name = concat (ld_sysroot, &new->name[1], NULL);
new->sysrooted = TRUE;
}
else
! new->sysrooted = is_sysrooted_pathname (new->name, FALSE);
}
/* Try to open a BFD for a lang_input_statement. */
--- 106,143 ----
return result;
}
+ /* Adds NAME to the library search path.
+ Makes a copy of NAME using xmalloc(). */
+
void
ldfile_add_library_path (name, cmdline)
const char *name;
bfd_boolean cmdline;
{
search_dirs_type *new;
+ char *newname;
if (!cmdline && config.only_cmd_line_lib_dirs)
return;
new = (search_dirs_type *) xmalloc (sizeof (search_dirs_type));
new->next = NULL;
new->cmdline = cmdline;
*search_tail_ptr = new;
search_tail_ptr = &new->next;
/* If a directory is marked as honoring sysroot, prepend the sysroot path
now. */
! if (name[0] == '=')
{
! new->name = concat (ld_sysroot, name + 1, NULL);
new->sysrooted = TRUE;
}
else
! {
! new->name = xstrdup (name);
! new->sysrooted = is_sysrooted_pathname (name, FALSE);
! }
}
/* Try to open a BFD for a lang_input_statement. */
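Review bot: `char *newname;` is declared in the new ldfile_add_library_path but never used in the body shown, so the declaration should be dropped. The function now always stores its own copy of NAME, so any caller that passed a heap string and relied on the list keeping it must now free that string itself. The ldmain.c and lexsup.c hunks in this patch appear to do this for their call paths, but other callers are not visible here and should be checked. The header comment could state the rule, for example `Makes a copy of NAME using xmalloc(); the caller keeps ownership of NAME.`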
Index: ldlang.c
===================================================================
RCS file: /cvs/src/src/ld/ldlang.c,v
retrieving revision 1.110
diff -c -3 -p -w -r1.110 ldlang.c
*** ldlang.c 3 Mar 2003 20:00:35 -0000 1.110
--- ldlang.c 31 Mar 2003 17:49:23 -0000
*************** lang_register_vers_node (name, version,
*** 5276,5281 ****
--- 5276,5282 ----
|| (lang_elf_version_info && lang_elf_version_info->name[0] == '\0'))
{
einfo (_("%X%P: anonymous version tag cannot be combined with other version tags\n"));
+ free (version);
return;
}
Index: ldmain.c
===================================================================
RCS file: /cvs/src/src/ld/ldmain.c,v
retrieving revision 1.65
diff -c -3 -p -w -r1.65 ldmain.c
*** ldmain.c 25 Mar 2003 10:29:28 -0000 1.65
--- ldmain.c 31 Mar 2003 17:49:24 -0000
*************** set_scripts_dir ()
*** 672,693 ****
{
char *end, *dir;
size_t dirlen;
dir = make_relative_prefix (program_name, BINDIR, SCRIPTDIR);
- if (dir && check_for_scripts_dir (dir))
- /* Success. Don't free dir. */
- return;
-
if (dir)
free (dir);
!
! dir = make_relative_prefix (program_name, TOOLBINDIR, SCRIPTDIR);
! if (dir && check_for_scripts_dir (dir))
! /* Success. Don't free dir. */
return;
if (dir)
free (dir);
if (check_for_scripts_dir (SCRIPTDIR))
/* We've been installed normally. */
--- 672,696 ----
{
char *end, *dir;
size_t dirlen;
+ bfd_boolean found;
dir = make_relative_prefix (program_name, BINDIR, SCRIPTDIR);
if (dir)
+ {
+ found = check_for_scripts_dir (dir);
free (dir);
! if (found)
return;
+ }
+ dir = make_relative_prefix (program_name, TOOLBINDIR, SCRIPTDIR);
if (dir)
+ {
+ found = check_for_scripts_dir (dir);
free (dir);
+ if (found)
+ return;
+ }
if (check_for_scripts_dir (SCRIPTDIR))
/* We've been installed normally. */
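Review bot: Freeing `dir` on the success path reverses the old "Success. Don't free dir." rule, and nothing in the new code records why that is now safe. check_for_scripts_dir is not visible in this patch. If it passes `dir` on to ldfile_add_library_path, the safety comes entirely from the copy that function now makes in the ldfile.c hunk, and reverting that hunk alone would leave the search list with a dangling pointer. Once confirmed, add a comment next to the first `free (dir);`, such as `/* check_for_scripts_dir does not retain DIR; the search path holds its own copy. */`. In the next set_scripts_dir hunk the final `check_for_scripts_dir (dir);` now ignores its result, so a short comment that this is deliberate would replace the removed "Well, we tried."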
*************** set_scripts_dir ()
*** 718,732 ****
dir[dirlen] = '\0';
if (check_for_scripts_dir (dir))
! /* Don't free dir. */
return;
/* Look for "ldscripts" in <the dir where our binary is>/../lib. */
strcpy (dir + dirlen, "/../lib");
! if (check_for_scripts_dir (dir))
! return;
!
! /* Well, we tried. */
free (dir);
}
--- 721,734 ----
dir[dirlen] = '\0';
if (check_for_scripts_dir (dir))
! {
! free (dir);
return;
+ }
/* Look for "ldscripts" in <the dir where our binary is>/../lib. */
strcpy (dir + dirlen, "/../lib");
! check_for_scripts_dir (dir);
free (dir);
}
*************** add_keepsyms_file (filename)
*** 832,837 ****
--- 834,840 ----
if (link_info.strip != strip_none)
einfo (_("%P: `-retain-symbols-file' overrides `-s' and `-S'\n"));
+ free (buf);
link_info.strip = strip_some;
}
Index: ldmisc.c
===================================================================
RCS file: /cvs/src/src/ld/ldmisc.c,v
retrieving revision 1.14
diff -c -3 -p -w -r1.14 ldmisc.c
*** ldmisc.c 30 Nov 2002 08:39:45 -0000 1.14
--- ldmisc.c 31 Mar 2003 18:08:52 -0000
*************** vfinfo (fp, fmt, arg)
*** 327,332 ****
--- 327,335 ----
else if (filename != NULL && linenumber != 0)
fprintf (fp, ":%u", linenumber);
}
+
+ if (asymbols != NULL && entry == NULL)
+ free (asymbols);
if (discard_last)
{
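Review bot: The `entry == NULL` half of the new condition `if (asymbols != NULL && entry == NULL)` encodes an ownership rule that is not written down. Presumably the symbol table is cached on the input file entry when `entry` is non-NULL and belongs to vfinfo only otherwise, but the code that obtains `asymbols` is outside this hunk. Getting this wrong in either direction gives a leak or a free of memory that the entry still references. Confirm the rule and add a comment above the test, such as `/* ASYMBOLS was read just for this message only when there is no ENTRY to cache it on. */`.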
Index: lexsup.c
===================================================================
RCS file: /cvs/src/src/ld/lexsup.c,v
retrieving revision 1.60
diff -c -3 -p -w -r1.60 lexsup.c
*** lexsup.c 28 Feb 2003 01:32:30 -0000 1.60
--- lexsup.c 31 Mar 2003 17:49:26 -0000
*************** parse_args (argc, argv)
*** 1116,1121 ****
--- 1116,1123 ----
case 'Y':
if (strncmp (optarg, "P,", 2) == 0)
optarg += 2;
+ if (default_dirlist != NULL)
+ free (default_dirlist);
default_dirlist = xstrdup (optarg);
break;
case 'y':
*************** parse_args (argc, argv)
*** 1193,1200 ****
lang_leave_group ();
if (default_dirlist != NULL)
set_default_dirlist (default_dirlist);
!
}
/* Add the (colon-separated) elements of DIRLIST_PTR to the
--- 1195,1204 ----
lang_leave_group ();
if (default_dirlist != NULL)
+ {
set_default_dirlist (default_dirlist);
! free (default_dirlist);
! }
}
/* Add the (colon-separated) elements of DIRLIST_PTR to the