Fix memory corruption when using bfd_release

decompals · Mar 31, 2024 · f4dd1ae · f4dd1ae
1 parent e621c5f
commit f4dd1ae
Show file tree

Hide file tree

Showing 2 changed files with 5 additions and 9 deletions.
diff --git a/bfd/dwarf1.c b/bfd/dwarf1.c
@@ -134,6 +134,8 @@ struct linenumber
 /* Find the form of an attr, from the attr field.  */
 #define FORM_FROM_ATTR(attr)	((attr) & 0xF)	/* Implicitly specified.  */
 
+static struct dwarf1_debug _dwarf1_debug;
+
 /* Return a newly allocated dwarf1_unit.  It should be cleared and
    then attached into the 'stash' at 'stash->lastUnit'.  */
 
@@ -516,8 +518,9 @@ _bfd_dwarf1_find_nearest_line (bfd *abfd,
       asection *msec = NULL;
       bfd_size_type size = sizeof (struct dwarf1_debug);
 
+      memset(&_dwarf1_debug, 0, size);
       stash = elf_tdata (abfd)->dwarf1_find_line_info
-	          = (struct dwarf1_debug *) bfd_zalloc (abfd, size);
+	          = &_dwarf1_debug;
 
       if (! stash)
 	      return false;

diff --git a/binutils/objdump.c b/binutils/objdump.c
@@ -3684,9 +3684,6 @@ disassemble_bytes (struct disassemble_info *inf,
   free (color_buffer);
 }
 
-extern void bfd_release
-  (bfd *, void *);
-
 static void
 disassemble_section (bfd *abfd, asection *section, void *inf)
 {
@@ -4050,11 +4047,7 @@ disassemble_section (bfd *abfd, asection *section, void *inf)
 	      free (sf.buffer);
 	    }
 
-    if(elf_tdata (abfd)->dwarf1_find_line_info != NULL)
-    {
-      bfd_release (abfd, elf_tdata (abfd)->dwarf1_find_line_info);
-      elf_tdata (abfd)->dwarf1_find_line_info = NULL;
-    }
+    elf_tdata (abfd)->dwarf1_find_line_info = NULL;
 
 	  /* Add jumps to output.  */
 	  disassemble_bytes (pinfo, paux->disassemble_fn, insns, data,