[Bug binutils/7012] New: The function bfd_find_nearest_line() leaks memory.

[Tomohisa dot Tanaka at gmail dot com]

I found the function bfd_find_nearest_line() has a memory leak bug in
bfd/dwarf2.c of binutils-2.19.  The variable "stash->dwarf_str_buffer"
in the funciton read_indirect_string() has memory allocated by
read_section() and it is never freed, as follows.

% grep -n dwarf_str_buffer binutils-2.19/bfd/dwarf2.c
129:  bfd_byte *dwarf_str_buffer;
555:                  &stash->dwarf_str_buffer, &stash->dwarf_str_size))
558:  str = (char *) stash->dwarf_str_buffer + offset;
% cat binutils-2.19/bfd/dwarf2.c
   ...
    84  struct dwarf2_debug
    85  {
   ...
   128    /* Pointer to the .debug_str section loaded into memory.  */
   129      bfd_byte *dwarf_str_buffer;
   ...
   172  };
   ...
   406  static bfd_boolean
   407  read_section (bfd *abfd,
   408                     const char* section_name, const char* 
compressed_section_name,
   409                                 asymbol** syms, bfd_uint64_t offset,
   410                                                 bfd_byte 
**section_buffer, bfd_size_type *section_size)
   411                                                 {
   ...
   415    /* read_section is a noop if the section has already been read.  */
   416      if (*section_buffer)
   417          return TRUE;
   ...
   432    if (syms)
   433      {
   ...
   435        *section_buffer
   436            = bfd_simple_get_relocated_section_contents (abfd, msec, 
NULL, syms);
   ...
   439      }
   440    else
   441      {
   ...
   443        *section_buffer = bfd_malloc (*section_size);
   ...
   449      }
   ...
   472  }
   ...
   538  static char *
   539  read_indirect_string (struct comp_unit* unit,
   540                                     bfd_byte *buf,
   541                                                        unsigned 
int *bytes_read_ptr)
   542                                                        {
   ...
   553    if (! read_section (unit->abfd, ".debug_str", ".zdebug_str",
   554                0, offset,
   555                                &stash->dwarf_str_buffer, &stash-
>dwarf_str_size))
   556                                    return 0;
   557                                    
   558                                      str = (char *) stash-
>dwarf_str_buffer + offset;
   ...
   562  }
...

Binutils-2.18 does not have the same problem, because the memory for
"stash->dwarf_str_buffer" is allocated by bfd_alloc().

-- 
           Summary: The function bfd_find_nearest_line() leaks memory.
           Product: binutils
           Version: 2.19
            Status: NEW
          Severity: normal
          Priority: P2
         Component: binutils
        AssignedTo: unassigned at sources dot redhat dot com
        ReportedBy: Tomohisa dot Tanaka at gmail dot com
                CC: bug-binutils at gnu dot org


http://sourceware.org/bugzilla/show_bug.cgi?id=7012

------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.


_______________________________________________
bug-binutils mailing list
bug-binutils@gnu.org
http://lists.gnu.org/mailman/listinfo/bug-binutils