[oe-commits] Paul Gortmaker : recipes-devtools: fix segfault in lib32-gcc with "." multilib_dir
git at git.openembedded.org
git at git.openembedded.org
Tue Jun 24 10:06:05 UTC 2014
Module: openembedded-core.git
Branch: master-next
Commit: 31f96842654586bc0ce62854f529dfd11c24b46f
URL: http://git.openembedded.org/?p=openembedded-core.git&a=commit;h=31f96842654586bc0ce62854f529dfd11c24b46f
Author: Paul Gortmaker <paul.gortmaker at windriver.com>
Date: Mon Jun 23 11:01:39 2014 -0400
recipes-devtools: fix segfault in lib32-gcc with "." multilib_dir
When enabling a lib32-gcc in a 64 bit build, without doing any
other configuration, the mutilib dir is unspecified, which is
represented internally in gcc as "." and as such uncovers an
invalid free on a non-malloc'd pointer, triggered by that code
path which erroneously checks for equality with "." rather than
inequality.
Signed-off-by: Paul Gortmaker <paul.gortmaker at windriver.com>
Signed-off-by: Richard Purdie <richard.purdie at linuxfoundation.org>
---
meta/recipes-devtools/gcc/gcc-4.9.inc | 1 +
...fault-from-calling-free-on-non-malloc-d-a.patch | 46 ++++++++++++++++++++++
2 files changed, 47 insertions(+)
diff --git a/meta/recipes-devtools/gcc/gcc-4.9.inc b/meta/recipes-devtools/gcc/gcc-4.9.inc
index 185dbba..cbf1355 100644
--- a/meta/recipes-devtools/gcc/gcc-4.9.inc
+++ b/meta/recipes-devtools/gcc/gcc-4.9.inc
@@ -66,6 +66,7 @@ SRC_URI = "${GNU_MIRROR}/gcc/gcc-${PV}/gcc-${PV}.tar.bz2 \
file://0050-Revert-Use-dbx_reg_number-for-spanning-registers.patch \
file://0051-eabispe.patch \
file://0052-Fix-GCC-targeting-E500-SPE-errors-with-the-_Decimal64-type.patch \
+ file://0053-gcc-fix-segfault-from-calling-free-on-non-malloc-d-a.patch \
"
SRC_URI[md5sum] = "9709b49ae0e904cbb0a6a1b62853b556"
SRC_URI[sha256sum] = "b9b047a97bade9c1c89970bc8e211ff57b7b8998a1730a80a653d329f8ed1257"
diff --git a/meta/recipes-devtools/gcc/gcc-4.9/0053-gcc-fix-segfault-from-calling-free-on-non-malloc-d-a.patch b/meta/recipes-devtools/gcc/gcc-4.9/0053-gcc-fix-segfault-from-calling-free-on-non-malloc-d-a.patch
new file mode 100644
index 0000000..6cec9d6
--- /dev/null
+++ b/meta/recipes-devtools/gcc/gcc-4.9/0053-gcc-fix-segfault-from-calling-free-on-non-malloc-d-a.patch
@@ -0,0 +1,46 @@
+From 5a0d2321f7d4afebb017d0672a04f570ba942f87 Mon Sep 17 00:00:00 2001
+From: Paul Gortmaker <paul.gortmaker at windriver.com>
+Date: Fri, 20 Jun 2014 16:41:08 -0400
+Subject: [PATCH] gcc: fix segfault from calling free on non-malloc'd area
+
+We see the following on a 32bit gcc installed on 64 bit host:
+
+ Reading symbols from ./i586-pokymllib32-linux-gcc...done.
+ (gdb) run
+ Starting program: x86-pokymllib32-linux/lib32-gcc/4.9.0-r0/image/usr/bin/i586-pokymllib32-linux-gcc
+
+ Program received signal SIGSEGV, Segmentation fault.
+ 0xf7e957e0 in free () from /lib/i386-linux-gnu/libc.so.6
+ (gdb) bt
+ #0 0xf7e957e0 in free () from /lib/i386-linux-gnu/libc.so.6
+ #1 0x0804b73c in set_multilib_dir () at gcc-4.9.0/gcc/gcc.c:7827
+ #2 main (argc=1, argv=0xffffd504) at gcc-4.9.0/gcc/gcc.c:6688
+ (gdb)
+
+The problem arises because the check on whether we are using
+the internal string "." or an allocated one is reversed.
+We should be calling free() when the string is not equal to
+the internal "." string.
+
+Upstream-Status: Submitted [ https://gcc.gnu.org/ml/gcc-patches/2014-06/msg01778.html ]
+Signed-off-by: Paul Gortmaker <paul.gortmaker at windriver.com>
+---
+ gcc/gcc.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/gcc/gcc.c b/gcc/gcc.c
+index 6870a840e1b7..a580975a7057 100644
+--- a/gcc/gcc.c
++++ b/gcc/gcc.c
+@@ -7822,7 +7822,7 @@ set_multilib_dir (void)
+ }
+
+ if (multilib_dir == NULL && multilib_os_dir != NULL
+- && strcmp (multilib_os_dir, ".") == 0)
++ && strcmp (multilib_os_dir, ".") != 0)
+ {
+ free (CONST_CAST (char *, multilib_os_dir));
+ multilib_os_dir = NULL;
+--
+1.9.1
+
More information about the Openembedded-commits
mailing list