This is the mail archive of the binutils@sourceware.org mailing list for the binutils project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: Suggest a fix?


On Fri, Jul 27, 2007 at 03:35:56PM -0700, msnyder@sonic.net wrote:
> I see two instances of this code fragment in elflink.c:
> 
>   name = h->root.root.string;
>   p = strchr (name, ELF_VER_CHR);
>   if (p != NULL)
>     {
>       alc = bfd_malloc (p - name + 1);
>       memcpy (alc, name, p - name);
>       alc[p - name] = '\0';
>       name = alc;
>     }
> 
> One is in elf_collect_hash_codes, and one in elf_collect_gnu_hash_codes.
> The issue is that the bfd_malloc is not checked for null return, and I'm
> not sure what best to do if it returns null.

I suggested a fix in
http://sourceware.org/ml/binutils/2007-07/msg00141.html

Another would be to simply overwrite the '@' with a zero then restore
after calculating the hash.  Despite h->root.root.string being const,
it is always in read/write memory.

> By any chance, is there an upper limit to the length of 'name',

Nope.

-- 
Alan Modra
Australia Development Lab, IBM


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]