From: Michael Snyder
Organization: Red Hat, Inc.
Date: Wed, 23 Jan 2002 18:13:00 -0000
To: fnf@redhat.com
CC: gdb-patches@sources.redhat.com
Subject: Re: [RFA] Fix memory corruption bug in mdebugread.c
Message-ID: <3C4F6C61.B999A051@redhat.com>
References: <200201240003.g0O03RD01228@fred.ninemoons.com>

Fred Fish wrote:
>
> The code to handle stabs continuation in mdebugread.c incorrectly
> attempts to overwrite memory returned by realloc with the original
> contents of the memory passed to realloc. This is wrong for two
> reasons; first realloc will do any copying needed if the string is
> moved, and second, the copy at the old location may be corrupted by
> the time realloc returns a pointer to the new location.
>
> This patch fixes the problem.
>
> -Fred

Looks correct to me. Since the file has no maintainer,
I'll give approval.

> 2002-01-23 Fred Fish
>
> * mdebugread.c (parse_partial_symbols): Only copy stabstring1 to
> stabstring on initial malloc. Reallocing will copy it for us,
> if necessary.
> > Index: mdebugread.c > =================================================================== > RCS file: /cvs/src/src/gdb/mdebugread.c,v > retrieving revision 1.22 > diff -c -p -r1.22 mdebugread.c > *** mdebugread.c 2002/01/20 19:42:04 1.22 > --- mdebugread.c 2002/01/24 00:02:24 > *************** parse_partial_symbols (struct objfile *o > *** 2707,2714 **** > && stabstring != debug_info->ss + fh->issBase + sh.iss) > stabstring = xrealloc (stabstring, len + len2 + 1); > else > ! stabstring = xmalloc (len + len2 + 1); > ! strcpy (stabstring, stabstring1); > strcpy (stabstring + len, stabstring2); > len += len2; > } > --- 2707,2716 ---- > && stabstring != debug_info->ss + fh->issBase + sh.iss) > stabstring = xrealloc (stabstring, len + len2 + 1); > else > ! { > ! stabstring = xmalloc (len + len2 + 1); > ! strcpy (stabstring, stabstring1); > ! } > strcpy (stabstring + len, stabstring2); > len += len2; > }
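
Review bot: The `xrealloc` branch at the top of the hunk now carries no hint of why it skips the copy that the new `else` block performs, so a one-line comment above `stabstring = xrealloc (stabstring, len + len2 + 1);` would help, saying that xrealloc preserves the existing contents and that the old block (which, going by the description, stabstring1 may still point at) must not be read once it returns. That would keep a later cleanup from hoisting the `strcpy (stabstring, stabstring1);` back out of the braces. As a smaller style point, if `len` and `len2` are the lengths of the two strings, as the `len + len2 + 1` allocation size suggests, the append could be written as `memcpy (stabstring + len, stabstring2, len2 + 1)` so that the copy is visibly bounded by the size just allocated.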