[Tinycc-devel] Segfaults in free

tinycc-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Tinycc-devel] Segfaults in free_section

From:	Shmuel Zeigerman
Subject:	[Tinycc-devel] Segfaults in free_section
Date:	Sat, 24 May 2008 10:45:06 +0300
User-agent:	Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.13) Gecko/20080313 SeaMonkey/1.1.9

The latest change in free_section function cause accesses to alreadyreleased memory and (occasionally) segfaults.

During execution of tcc_delete, when free_section is called on .rel.textand .rel.data sections, each of these sections contains a link to thealready freed .symtab section, but free_section knows nothing that thelinks are invalid.

My solution to this (see a patch below) is to reverse the order offreeing the sections, so that .rel.text and .rel.data be freed before.symtab.

As I don't know TCC internals well enough, this solution may beincorrect. Another solution may be to revert the relevant changes to theprevious CVS version.



--- tcc-cvs.c   Sat May 24 10:06:26 2008
+++ tcc.c       Sat May 24 00:30:12 2008
@@ -10225,7 +10225,7 @@
     /* free all sections */
     free_section(s1->dynsymtab_section);

-    for(i = 1; i < s1->nb_sections; i++)
+    for(i = s1->nb_sections - 1; i > 0; i--)
         free_section(s1->sections[i]);
     tcc_free(s1->sections);

--
Shmuel

[Prev in Thread]

Current Thread

[Next in Thread]

[Tinycc-devel] Segfaults in free_section, Shmuel Zeigerman <=

Prev by Date: Re: [Tinycc-devel] tinycc tcc.c tccelf.c
Next by Date: [Tinycc-devel] Patch for DESTDIR installation
Previous by thread: [Tinycc-devel] tinycc tcc.c tccelf.c tccpe.c
Next by thread: [Tinycc-devel] Patch for DESTDIR installation
Index(es):
- Date
- Thread