[DTrace-devel] [PATCH 19/47] Do not allocate a 0-size strtab
Kris Van Hees
kris.van.hees at oracle.com
Sun May 3 20:17:22 PDT 2020
If there is no stirng data to be stored in a DIFO, we were allocating
a 0-size memory block. There is no need for that - we can just assign
NULL to the dtdo_strtab member.
In the case of the dt_link_stmt() code, we also happened to take the
dtdo_strlen value from the wrong DIFO (fdp instead of dp) causing a
0-size strtab to be allocated into which we then try to write actual
data. That caused memory corruption.
Orabug: 31220517
Signed-off-by: Kris Van Hees <kris.van.hees at oracle.com>
Reviewed-by: Kris Van Hees <kris.van.hees at oracle.com>
Reviewed-by: Eugene Loh <eugene.loh at oracle.com>
---
libdtrace/dt_cc.c | 14 +++++++++-----
libdtrace/dt_dlibs.c | 23 +++++++++++++----------
2 files changed, 22 insertions(+), 15 deletions(-)
diff --git a/libdtrace/dt_cc.c b/libdtrace/dt_cc.c
index 82728827..770ee4f3 100644
--- a/libdtrace/dt_cc.c
+++ b/libdtrace/dt_cc.c
@@ -2383,11 +2383,15 @@ dt_link_stmt(dtrace_hdl_t *dtp, dtrace_prog_t *pgp, dtrace_stmtdesc_t *sdp,
* Write out the new string table.
*/
dp->dtdo_strlen = dt_strtab_size(stab);
- dp->dtdo_strtab = dt_zalloc(dtp, fdp->dtdo_strlen);
- if (dp->dtdo_strtab == NULL)
- goto fail;
- dt_strtab_write(stab, (dt_strtab_write_f *)dt_strtab_copystr,
- dp->dtdo_strtab);
+ if (dp->dtdo_strlen > 0) {
+ dp->dtdo_strtab = dt_zalloc(dtp, dp->dtdo_strlen);
+ if (dp->dtdo_strtab == NULL)
+ goto fail;
+ dt_strtab_write(stab, (dt_strtab_write_f *)dt_strtab_copystr,
+ dp->dtdo_strtab);
+ } else
+ dp->dtdo_strtab = NULL;
+
dt_strtab_destroy(stab);
/*
diff --git a/libdtrace/dt_dlibs.c b/libdtrace/dt_dlibs.c
index 58e01221..2b8fe21d 100644
--- a/libdtrace/dt_dlibs.c
+++ b/libdtrace/dt_dlibs.c
@@ -554,7 +554,6 @@ done:
for (fid = fun0; fid < symc; fid++) {
dtrace_difo_t *dp;
dof_relodesc_t *brp;
- size_t slen;
fp = funcs[fid];
dp = fp->difo;
@@ -583,16 +582,20 @@ done:
rp++;
}
- slen = dt_strtab_size(stab);
- dp->dtdo_strtab = dt_alloc(dtp, slen);
- dp->dtdo_strlen = slen;
- if (dp->dtdo_strtab == NULL) {
- fprintf(stderr, "Failed to alloc strtab\n");
- goto out;
- }
+ dp->dtdo_strlen = dt_strtab_size(stab);
+ if (dp->dtdo_strlen > 0) {
+ dp->dtdo_strtab = dt_alloc(dtp, dp->dtdo_strlen);
+ if (dp->dtdo_strtab == NULL) {
+ fprintf(stderr, "Failed to alloc strtab\n");
+ goto out;
+ }
+
+ dt_strtab_write(stab,
+ (dt_strtab_write_f *)dt_strtab_copystr,
+ dp->dtdo_strtab);
+ } else
+ dp->dtdo_strtab = NULL;
- dt_strtab_write(stab, (dt_strtab_write_f *)dt_strtab_copystr,
- dp->dtdo_strtab);
dt_strtab_destroy(stab);
}
--
2.26.0
More information about the DTrace-devel
mailing list