# HG changeset patch
# Parent d30cb471a35b400d3db84e24b0d653b82fedd458
Bug 1542958 - avoid malloc/delete[] mismatches in elfhack; r=glandium
We were allocating ElfSection's data with `new[]` and modifying it with
`realloc` in some places, which causes allocator mismatches.
Consistently manage the data with `malloc`, `realloc`, and `free` instead.
Differential Revision: https://phabricator.services.mozilla.com/D27327
diff --git a/build/unix/elfhack/elf.cpp b/build/unix/elfhack/elf.cpp
--- a/build/unix/elfhack/elf.cpp
+++ b/build/unix/elfhack/elf.cpp
@@ -492,17 +492,20 @@ ElfSection::ElfSection(Elf_Shdr &s, std:
: parent->getSection(shdr.sh_link)),
next(nullptr),
previous(nullptr),
index(-1) {
if ((file == nullptr) || (shdr.sh_type == SHT_NULL) ||
(shdr.sh_type == SHT_NOBITS))
data = nullptr;
else {
- data = new char[shdr.sh_size];
+ data = static_cast<char *>(malloc(shdr.sh_size));
+ if (!data) {
+ throw std::runtime_error("Could not malloc ElfSection data");
+ }
int pos = file->tellg();
file->seekg(shdr.sh_offset);
file->read(data, shdr.sh_size);
file->seekg(pos);
}
if (shdr.sh_name == 0)
name = nullptr;
else {
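Review bot: The added null check after `malloc(shdr.sh_size)` also fires for a section whose `sh_size` is 0 on platforms where `malloc(0)` returns a null pointer, which the old `new char[0]` never did; guard it as `if (!data && shdr.sh_size != 0) {`. The same check is added in the elfhack.cpp hunk, although a zero size looks less likely there. Separately, `sh_size` and `sh_offset` are taken from the input file and the result of `file->read(data, shdr.sh_size)` is not tested, so a truncated or malformed ELF leaves `data` holding uninitialized heap bytes. Testing the stream after the read, and calling `free(data)` before throwing because the destructor does not run when the constructor throws, would make that case fail loudly. The constructor begins before this hunk and continues past it.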
diff --git a/build/unix/elfhack/elfhack.cpp b/build/unix/elfhack/elfhack.cpp
--- a/build/unix/elfhack/elfhack.cpp
+++ b/build/unix/elfhack/elfhack.cpp
@@ -174,17 +174,20 @@ class ElfRelHackCode_Section : public El
addr = (addr | ((*c)->getAddrAlign() - 1)) + 1;
(*c)->getShdr().sh_addr = addr;
// We need to align this section depending on the greater
// alignment required by code sections.
if (shdr.sh_addralign < (*c)->getAddrAlign())
shdr.sh_addralign = (*c)->getAddrAlign();
}
shdr.sh_size = code.back()->getAddr() + code.back()->getSize();
- data = new char[shdr.sh_size];
+ data = static_cast<char *>(malloc(shdr.sh_size));
+ if (!data) {
+ throw std::runtime_error("Could not malloc ElfSection data");
+ }
char *buf = data;
for (c = code.begin(); c != code.end(); ++c) {
memcpy(buf, (*c)->getData(), (*c)->getSize());
buf += (*c)->getSize();
}
name = elfhack_text;
}
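Review bot: `malloc` leaves the buffer uninitialized, and the copy loop advances `buf` only by each section's `getSize()`, so any bytes of `shdr.sh_size` not covered by the `memcpy` calls keep whatever the heap held. Such bytes exist only if the address computation above introduces alignment padding, which seems likely but is not fully visible here. If `data` is later written out in full, which this hunk does not show, stale process memory ends up in the output binary and the build result stops being reproducible. `data = static_cast<char *>(calloc(1, shdr.sh_size));` zero-fills the buffer and keeps the `free` pairing intact. The function starts before the hunk.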
diff --git a/build/unix/elfhack/elfxx.h b/build/unix/elfhack/elfxx.h
--- a/build/unix/elfhack/elfxx.h
+++ b/build/unix/elfhack/elfxx.h
@@ -320,17 +320,17 @@ class ElfSection {
public:
typedef union {
ElfSection *section;
int index;
} SectionInfo;
ElfSection(Elf_Shdr &s, std::ifstream *file, Elf *parent);
- virtual ~ElfSection() { delete[] data; }
+ virtual ~ElfSection() { free(data); }
const char *getName() { return name; }
unsigned int getType() { return shdr.sh_type; }
unsigned int getFlags() { return shdr.sh_flags; }
unsigned int getAddr();
unsigned int getSize() { return shdr.sh_size; }
unsigned int getAddrAlign() { return shdr.sh_addralign; }
unsigned int getEntSize() { return shdr.sh_entsize; }
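Review bot: The destructor's `free(data)` now imposes an allocator contract on every piece of code that assigns `data`, including subclasses such as `ElfRelHackCode_Section`, and nothing in the header states it. A comment next to the destructor would keep a later `new[]` from reintroducing the mismatch, for example `// data is owned by this object; it must be null or come from malloc/realloc, and is released with free().` The class also holds an owning raw pointer with a user-written destructor. If its copy constructor and copy assignment are not deleted elsewhere in the class, which cannot be seen from this hunk, a copy would free the same buffer twice.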