Hi Mark,

On Mon, Feb 10, 2025 at 10:49 AM Mark Wielaard <m...@klomp.org> wrote:
>
> __libdw_getabbrev could crash on reading a bad abbrev by trying to
> deallocate memory it didn't allocate itself. This could happen because
> dwarf_offabbrev would supply its own memory when calling
> __libdw_getabbrev. No other caller did this.
>
> Simplify the __libdw_getabbrev common code by not taking external
> memory to put the abbrev result in (this would also not work correctly
> if the abbrev was already cached). And make dwarf_offabbrev explicitly
> copy the result (if there was no error or end of abbrev).
>
> * libdw/dwarf_getabbrev.c (__libdw_getabbrev): Don't take
> Dwarf_Abbrev result argument. Always just allocate abb when
> abbrev not found in cache.
> (dwarf_getabbrev): Don't pass NULL as last argument to
> __libdw_getabbrev.
> * libdw/dwarf_tag.c (__libdw_findabbrev): Likewise.
> * libdw/dwarf_offabbrev.c (dwarf_offabbrev): Likewise. And copy
> abbrev into abbrevp on success.
> * libdw/libdw.h (dwarf_offabbrev): Document return values.
> * libdw/libdwP.h (__libdw_getabbrev): Don't take Dwarf_Abbrev
> result argument.
>
> https://sourceware.org/bugzilla/show_bug.cgi?id=32650
>
> Signed-off-by: Mark Wielaard <m...@klomp.org>

LGTM.

Aaron