|
 |
511e6ce |
From 5fa7b1f84fb02ca5dcf50d27f4bc14563c1918f6 Mon Sep 17 00:00:00 2001
|
|
|
511e6ce |
From: =?UTF-8?q?Mat=C4=9Bj=20Grabovsk=C3=BD?= <mgrabovs@redhat.com>
|
|
|
511e6ce |
Date: Mon, 12 Oct 2020 19:14:03 +0200
|
|
|
511e6ce |
Subject: [PATCH] hooklib: Proper freeing of backtrace
|
|
|
511e6ce |
|
|
|
511e6ce |
Improper bracing caused the bt variable to be freed every time in every
|
|
|
511e6ce |
iteration no matter what. This would then lead to an invalid (freed)
|
|
|
511e6ce |
pointer being returned by the function.
|
|
|
511e6ce |
|
|
|
511e6ce |
The mistake was made in 1f2963b0 and reported by Jeff Law.
|
|
|
511e6ce |
---
|
|
|
511e6ce |
src/lib/hooklib.c | 6 +++++-
|
|
|
511e6ce |
1 file changed, 5 insertions(+), 1 deletion(-)
|
|
|
511e6ce |
|
|
|
511e6ce |
diff --git a/src/lib/hooklib.c b/src/lib/hooklib.c
|
|
|
511e6ce |
index 56b77bc3..fc2a6a00 100644
|
|
|
511e6ce |
--- a/src/lib/hooklib.c
|
|
|
511e6ce |
+++ b/src/lib/hooklib.c
|
|
|
511e6ce |
@@ -361,13 +361,17 @@ char *abrt_get_backtrace(struct dump_dir *dd, unsigned timeout_sec, const char *
|
|
|
511e6ce |
|
|
|
511e6ce |
bt_depth /= 2;
|
|
|
511e6ce |
if (bt)
|
|
|
511e6ce |
+ {
|
|
|
511e6ce |
log_warning("Backtrace is too big (%u bytes), reducing depth to %u",
|
|
|
511e6ce |
(unsigned)strlen(bt), bt_depth);
|
|
|
511e6ce |
+ }
|
|
|
511e6ce |
else
|
|
|
511e6ce |
+ {
|
|
|
511e6ce |
/* (NB: in fact, current impl. of exec_vp() never returns NULL) */
|
|
|
511e6ce |
log_warning("Failed to generate backtrace, reducing depth to %u",
|
|
|
511e6ce |
bt_depth);
|
|
|
511e6ce |
- free(bt);
|
|
|
511e6ce |
+ g_clear_pointer(&bt, free);
|
|
|
511e6ce |
+ }
|
|
|
511e6ce |
|
|
|
511e6ce |
/* Replace -ex disassemble (which disasms entire function $pc points to)
|
|
|
511e6ce |
* to a version which analyzes limited, small patch of code around $pc.
|
|
|
511e6ce |
--
|
|
|
511e6ce |
2.26.2
|
|
|
511e6ce |
|