[libunwind] Fix memory leak in handling of DW_CFA_remember_state and DW_CFA_restore_state
parseInstructions() doesn't always process the whole set of DWARF
instructions for a frame. It will stop once the target PC is reached, or
if malformed instructions are found. So, for example, if we have an
instruction sequence like this:
```
<start>
...
DW_CFA_remember_state
...
DW_CFA_advance_loc past the location we're unwinding at (pcoffset in parseInstructions() main loop)
...
DW_CFA_restore_state
<end>
```
... the saved state will never be freed, even though the
DW_CFA_remember_state opcode has a matching DW_CFA_restore_state later
in the sequence.
This change adds code to free whatever is left on rememberStack after
parsing the CIE and the FDE instructions.
Differential Revision: https://reviews.llvm.org/D66904
Cr-Mirrored-From: sso://chromium.googlesource.com/_direct/external/github.com/llvm/llvm-project
Cr-Mirrored-Commit: 1ae8d81147a0724cc972054afbd72943032e4832
diff --git a/src/DwarfParser.hpp b/src/DwarfParser.hpp
index df69c2a..2994bd7 100644
--- a/src/DwarfParser.hpp
+++ b/src/DwarfParser.hpp
@@ -360,13 +360,25 @@
PrologInfoStackEntry *rememberStack = NULL;
// parse CIE then FDE instructions
- return parseInstructions(addressSpace, cieInfo.cieInstructions,
- cieInfo.cieStart + cieInfo.cieLength, cieInfo,
- (pint_t)(-1), rememberStack, arch, results) &&
- parseInstructions(addressSpace, fdeInfo.fdeInstructions,
- fdeInfo.fdeStart + fdeInfo.fdeLength, cieInfo,
- upToPC - fdeInfo.pcStart, rememberStack, arch,
- results);
+ bool returnValue =
+ parseInstructions(addressSpace, cieInfo.cieInstructions,
+ cieInfo.cieStart + cieInfo.cieLength, cieInfo,
+ (pint_t)(-1), rememberStack, arch, results) &&
+ parseInstructions(addressSpace, fdeInfo.fdeInstructions,
+ fdeInfo.fdeStart + fdeInfo.fdeLength, cieInfo,
+ upToPC - fdeInfo.pcStart, rememberStack, arch, results);
+
+ // Clean up rememberStack. Even in the case where every DW_CFA_remember_state
+ // is paired with a DW_CFA_restore_state, parseInstructions can skip restore
+ // opcodes if it reaches the target PC and stops interpreting, so we have to
+ // make sure we don't leak memory.
+ while (rememberStack) {
+ PrologInfoStackEntry *next = rememberStack->next;
+ free(rememberStack);
+ rememberStack = next;
+ }
+
+ return returnValue;
}
/// "run" the DWARF instructions
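Review bot: The cleanup loop correctly runs on every path, including the short-circuit case where the CIE parse fails and the FDE parse never executes, since `returnValue` is computed first and the `while (rememberStack)` loop sits before the single `return returnValue;`. Two things worth confirming in review: that every entry pushed onto `rememberStack` inside `parseInstructions()` is obtained from `malloc()` so that `free(rememberStack)` here matches the allocator (the allocation site is not in this hunk), and that `rememberStack` is deliberately shared across the CIE and FDE calls, so a `DW_CFA_remember_state` left over from the CIE instructions is now freed rather than carried into the FDE pass and leaked. A small regression test built from the commit message's scenario (a `DW_CFA_remember_state` followed by a `DW_CFA_advance_loc` beyond the target PC and a later `DW_CFA_restore_state`) run under a leak checker would pin the fix down.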