[Bug ld/11367] New: cref memcpy + pointer math error

bug-binutils

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Bug ld/11367] New: cref memcpy + pointer math error

From:	werkt0 at gmail dot com
Subject:	[Bug ld/11367] New: cref memcpy + pointer math error
Date:	10 Mar 2010 16:22:46 -0000

ld --cref is crashing spuriously (dependent on linkpath inclusion as well as
number of files in the linkpath directories) with a glibc detected corrupted dl
list, and I've tracked it down to a memcpy in ldcref.c.  valgrind reports memory
errors when doing the memcpy at lines 261 and 303 of the head revision, and the
following patch corrects the crash and valgrind does not report any memory
errors with it:

--- ld/ldcref.c
+++ ld/ldcref.c.mine
@@ -258,8 +258,8 @@
              c = (struct cref_hash_entry *) p;
              for (r = c->refs; r != NULL; r = r->next)
                {
-                 memcpy (old_ref, r, sizeof (struct cref_hash_entry));
-                 old_ref = (char *) old_ref + sizeof (struct cref_hash_entry);
+                 memcpy (old_ref, r, sizeof (struct cref_ref));
+                 old_ref = (char *) old_ref + sizeof (struct cref_ref);
                }
            }
        }
@@ -300,8 +300,8 @@
              c = (struct cref_hash_entry *) p;
              for (r = c->refs; r != NULL; r = r->next)
                {
-                 memcpy (r, old_ref, sizeof (struct cref_hash_entry));
-                 old_ref = (char *) old_ref + sizeof (struct cref_hash_entry);
+                 memcpy (r, old_ref, sizeof (struct cref_ref));
+                 old_ref = (char *) old_ref + sizeof (struct cref_ref);
                }
            }
        }

I believe this corrects the code to perform the intended action, and using the
sizeof(struct cref_hash_entry) was a mistake to begin with.

-- 
           Summary: cref memcpy + pointer math error
           Product: binutils
           Version: 2.21 (HEAD)
            Status: NEW
          Severity: normal
          Priority: P2
         Component: ld
        AssignedTo: unassigned at sources dot redhat dot com
        ReportedBy: werkt0 at gmail dot com
                CC: bug-binutils at gnu dot org
 GCC build triplet: x86_64-redhat-linux
  GCC host triplet: x86_64-redhat-linux
GCC target triplet: x86_64-redhat-linux


http://sourceware.org/bugzilla/show_bug.cgi?id=11367

------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.

[Prev in Thread]

Current Thread

[Next in Thread]

[Bug ld/11367] New: cref memcpy + pointer math error, werkt0 at gmail dot com <=
- [Bug ld/11367] cref memcpy + pointer math error, amodra at gmail dot com, 2010/03/10
- [Bug ld/11367] cref memcpy + pointer math error, amodra at gmail dot com, 2010/03/10

Prev by Date: [Bug gas/10143] Failed compilation at bfin-parse.c
Next by Date: [Bug ld/11367] cref memcpy + pointer math error
Previous by thread: [Bug gas/10143] Failed compilation at bfin-parse.c
Next by thread: [Bug ld/11367] cref memcpy + pointer math error
Index(es):
- Date
- Thread