Fix a memory leak reading minisymbols.

Resolves: #1661535
Nick Clifton 2019-01-03 14:54:11 +00:00
parent 2740684805
commit 20b09dd8e9
2 changed files with 66 additions and 2 deletions


@ -0,0 +1,56 @@
diff -rup binutils.ori/bfd/syms.c binutils-2.31.1/bfd/syms.c
--- binutils.ori/bfd/syms.c 2019-01-03 13:51:05.784005438 +0000
+++ binutils-2.31.1/bfd/syms.c 2019-01-03 13:53:43.238815129 +0000
@@ -822,10 +822,18 @@ _bfd_generic_read_minisymbols (bfd *abfd
if (symcount < 0)
goto error_return;
- *minisymsp = syms;
- *sizep = sizeof (asymbol *);
+ if (symcount == 0)
+ /* We return 0 above when storage is 0. Exit in the same state
+ here, so as to not complicate callers with having to deal with
+ freeing memory for zero symcount. */
+ free (syms);
+ else
+ {
+ *minisymsp = syms;
+ *sizep = sizeof (asymbol *);
+ }
- return symcount;
+ return symcount;
error_return:
bfd_set_error (bfd_error_no_symbols);
diff -rup binutils.ori/binutils/nm.c binutils-2.31.1/binutils/nm.c
--- binutils.ori/binutils/nm.c 2019-01-03 13:51:06.337001258 +0000
+++ binutils-2.31.1/binutils/nm.c 2019-01-03 13:52:37.542311774 +0000
@@ -1162,13 +1162,11 @@ display_rel_file (bfd *abfd, bfd *archiv
if (synth_count > 0)
{
asymbol **symp;
- void *new_mini;
long i;
- new_mini = xmalloc ((symcount + synth_count + 1) * sizeof (*symp));
- symp = (asymbol **) new_mini;
- memcpy (symp, minisyms, symcount * sizeof (*symp));
- symp += symcount;
+ minisyms = xrealloc (minisyms,
+ (symcount + synth_count + 1) * sizeof (*symp));
+ symp = (asymbol **) minisyms + symcount;
for (i = 0; i < synth_count; i++)
*symp++ = synthsyms + i;
*symp = 0;
diff -rup binutils.orig/binutils/nm.c binutils-2.31.1/binutils/nm.c
--- binutils.orig/binutils/nm.c 2019-01-03 14:18:21.086458519 +0000
+++ binutils-2.31.1/binutils/nm.c 2019-01-03 14:18:23.642438853 +0000
@@ -1170,7 +1170,6 @@ display_rel_file (bfd *abfd, bfd *archiv
for (i = 0; i < synth_count; i++)
*symp++ = synthsyms + i;
*symp = 0;
- minisyms = new_mini;
symcount += synth_count;
}
}
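Review bot: In the `_bfd_generic_read_minisymbols` hunk, the new `symcount == 0` branch frees `syms` and returns without writing `*minisymsp` or `*sizep`. A caller that frees or indexes its minisymbol pointer without first testing for a zero return would therefore be using whatever value that pointer held before the call. How callers react to a zero return is not visible here (the relevant part of `display_rel_file` lies outside the nm.c hunks), so this needs confirming rather than being a known fault. I would state the contract in the comment, e.g. `Callers must not read *MINISYMSP or *SIZEP when 0 is returned.`, or store `*minisymsp = NULL;` before `free (syms);` so an unconditional free in a caller stays harmless. The function body starts and ends outside the hunk.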


@ -69,7 +69,7 @@
Summary: A GNU collection of binary utilities Summary: A GNU collection of binary utilities
Name: %{?cross}binutils%{?_with_debug:-debug} Name: %{?cross}binutils%{?_with_debug:-debug}
Version: 2.31.1 Version: 2.31.1
Release: 15%{?dist} Release: 16%{?dist}
License: GPLv3+ License: GPLv3+
URL: https://sourceware.org/binutils URL: https://sourceware.org/binutils
@ -191,6 +191,10 @@ Patch17: binutils-delay-ld-script-constant-eval.patch
# Lifetime: Fixed in 2.32 # Lifetime: Fixed in 2.32
Patch18: binutils-gold-discard-version-info.patch Patch18: binutils-gold-discard-version-info.patch
# Purpose: Fix a memory leak reading minisymbols.
# Lifetime: Fixed in 2.32
Patch19: binutils-CVE-2018-20002.patch
#---------------------------------------------------------------------------- #----------------------------------------------------------------------------
Provides: bundled(libiberty) Provides: bundled(libiberty)
@ -332,6 +336,7 @@ using libelf instead of BFD.
%patch16 -p1 %patch16 -p1
%patch17 -p1 %patch17 -p1
%patch18 -p1 %patch18 -p1
%patch19 -p1
# We cannot run autotools as there is an exact requirement of autoconf-2.59. # We cannot run autotools as there is an exact requirement of autoconf-2.59.
@ -480,7 +485,7 @@ export LDFLAGS=$RPM_LD_FLAGS
%make_build %{_smp_mflags} tooldir=%{_prefix} MAKEINFO=true all %make_build %{_smp_mflags} tooldir=%{_prefix} MAKEINFO=true all
%endif %endif
# Do not use %%check as it is run after %%install where libbfd.so is rebuild # Do not use %%check as it is run after %%install where libbfd.so is rebuilt
# with -fvisibility=hidden no longer being usable in its shared form. # with -fvisibility=hidden no longer being usable in its shared form.
%if %{without testsuite} %if %{without testsuite}
echo ====================TESTSUITE DISABLED========================= echo ====================TESTSUITE DISABLED=========================
@ -739,6 +744,9 @@ exit 0
#---------------------------------------------------------------------------- #----------------------------------------------------------------------------
%changelog %changelog
* Thu Jan 03 2019 Nick Clifton <nickc@redhat.com> - 2.31.1-16
- Fix a memory leak reading minisymbols. (#1661535)
* Wed Nov 28 2018 Nick Clifton <nickc@redhat.com> - 2.31.1-15 * Wed Nov 28 2018 Nick Clifton <nickc@redhat.com> - 2.31.1-15
- Stop gold from warning about discard version information unless explicitly requested. (#1654153) - Stop gold from warning about discard version information unless explicitly requested. (#1654153)
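Review bot: The new `%changelog` entry and the `# Purpose:` comment above `Patch19` describe the fix only as a memory leak, so the patch file name `binutils-CVE-2018-20002.patch` is the only place the CVE identifier appears. Anyone who searches the package changelog for CVE identifiers to confirm that a build carries the fix will not find this one. I would write the changelog line as `- Fix a memory leak reading minisymbols. (CVE-2018-20002, #1661535)` and add the same identifier to the `# Purpose:` comment.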