This is the mail archive of the binutils@sourceware.org mailing list for the binutils project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

Re: [PATCH] dereferencing a freed pointer

From: Alan Modra <amodra at bigpond dot net dot au>
To: msnyder at sonic dot net
Cc: binutils at sourceware dot org
Date: Tue, 24 Jul 2007 13:23:37 +0930
Subject: Re: [PATCH] dereferencing a freed pointer
References: <8995.12.7.175.2.1185238721.squirrel@webmail.sonic.net>

On Mon, Jul 23, 2007 at 05:58:41PM -0700, msnyder@sonic.net wrote:
> Flagged by Coverity.  If we don't set the pointer to NULL after calling
> bfd_stringtab_free, it may get called twice, in which case it will
> dereference a freed pointer.
> 
> Unlikely perhaps, but possible.

The same goes for all the other buffers.  The problem was introduced
with Joseph's 2007-06-29 attribute patch, specifically
"goto error_return" on a bfd_malloc failure.  We should just return
false.  Patch to do so preapproved.

-- 
Alan Modra
Australia Development Lab, IBM

Follow-Ups:
- Re: [PATCH] dereferencing a freed pointer
  - From: msnyder

References:
- [PATCH] dereferencing a freed pointer
  - From: msnyder

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]