Imagelibrary/binutils-gdb
1
0
Fork 1
mirror of https://github.com/bminor/binutils-gdb.git synced 2025-12-05 15:15:42 +00:00
Code Issues Packages Projects Releases Wiki Activity

gdb: Stop exec_close looking like a UAF weakness

Browse Source 
A recent static analyzer run flagged that program_space::exec_close
could be using a pointer after it has been freed. This is not true, as
the pointer is never dereferenced, the address is used for comparisons.

However, to avoid false positives from static analyzers (or bogus
security bugs), this commit makes the code stop looking like a UAF by
moving the unique_ptr into a local unique_ptr, so that there is no way
someone would think memory could be used after being freed.

Approved-By: Tom Tromey <tom@tromey.com>
This commit is contained in:
Guinevere Larsen
2025-04-29 11:39:56 -03:00
parent 0ecc474b76
commit aab91c55c3
1 changed files with 5 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
gdb/progspace.c
View File

@@ -202,12 +202,14 @@ program_space::exec_close ()
if (ebfd != nullptr)
{
/* Removing target sections may close the exec_ops target.
Clear ebfd before doing so to prevent recursion. */
bfd *saved_ebfd = ebfd.get ();
Clear ebfd before doing so to prevent recursion. We
move it to another ref_ptr instead of saving it to a raw
pointer to avoid it looking like possible use-after-free. */
gdb_bfd_ref_ptr saved_ebfd = std::move(ebfd);
ebfd.reset (nullptr);
ebfd_mtime = 0;
remove_target_sections (saved_ebfd);
remove_target_sections (saved_ebfd.get ());
m_exec_filename.reset ();
}