PR24955, libbfd terminating program on out of memory (part2)

Message ID 20191014060835.GC10114@bubble.grove.modra.org
State New
Headers show
Series
  • PR24955, libbfd terminating program on out of memory (part2)
Related show

Commit Message

Alan Modra Oct. 14, 2019, 6:08 a.m.
PR 24955
	* elflink.c (elf_output_implib): Don't use xmalloc.  Don't ignore
	return value of bfd_alloc2.
	* peXXigen.c (_bfd_XXi_write_codeview_record): Don't use xmalloc.
	* pef.c (bfd_pef_print_symbol): Likewise.  Don't ignore return
	value of bfd_get_section_contents.
	* som.c (som_write_space_strings): Don't use xmalloc.
	(som_write_symbol_strings): Likewise.


-- 
Alan Modra
Australia Development Lab, IBM

Patch

diff --git a/bfd/elflink.c b/bfd/elflink.c
index 395d96d6cf..d0f70cb6f5 100644
--- a/bfd/elflink.c
+++ b/bfd/elflink.c
@@ -11649,7 +11649,10 @@  elf_output_implib (bfd *abfd, struct bfd_link_info *info)
     return FALSE;
 
   /* Read in the symbol table.  */
-  sympp = (asymbol **) xmalloc (symsize);
+  sympp = (asymbol **) bfd_malloc (symsize);
+  if (sympp == NULL)
+    return FALSE;
+
   symcount = bfd_canonicalize_symtab (abfd, sympp);
   if (symcount < 0)
     goto free_sym_buf;
@@ -11677,6 +11680,9 @@  elf_output_implib (bfd *abfd, struct bfd_link_info *info)
   /* Make symbols absolute.  */
   osymbuf = (elf_symbol_type *) bfd_alloc2 (implib_bfd, symcount,
 					    sizeof (*osymbuf));
+  if (osymbuf == NULL)
+    goto free_sym_buf;
+
   for (src_count = 0; src_count < symcount; src_count++)
     {
       memcpy (&osymbuf[src_count], (elf_symbol_type *) sympp[src_count],
diff --git a/bfd/peXXigen.c b/bfd/peXXigen.c
index ee6da6480d..ab0da7f532 100644
--- a/bfd/peXXigen.c
+++ b/bfd/peXXigen.c
@@ -1216,7 +1216,10 @@  _bfd_XXi_write_codeview_record (bfd * abfd, file_ptr where, CODEVIEW_INFO *cvinf
   if (bfd_seek (abfd, where, SEEK_SET) != 0)
     return 0;
 
-  buffer = xmalloc (size);
+  buffer = bfd_malloc (size);
+  if (buffer == NULL)
+    return 0;
+
   cvinfo70 = (CV_INFO_PDB70 *) buffer;
   H_PUT_32 (abfd, CVINFO_PDB70_CVSIGNATURE, cvinfo70->CvSignature);
 
diff --git a/bfd/pef.c b/bfd/pef.c
index effa076405..fccb9b6ac3 100644
--- a/bfd/pef.c
+++ b/bfd/pef.c
@@ -221,15 +221,16 @@  bfd_pef_print_symbol (bfd *abfd,
       fprintf (file, " %-5s %s", symbol->section->name, symbol->name);
       if (CONST_STRNEQ (symbol->name, "__traceback_"))
 	{
-	  unsigned char *buf = xmalloc (symbol->udata.i);
+	  unsigned char *buf;
 	  size_t offset = symbol->value + 4;
 	  size_t len = symbol->udata.i;
-	  int ret;
 
-	  bfd_get_section_contents (abfd, symbol->section, buf, offset, len);
-	  ret = bfd_pef_parse_traceback_table (abfd, symbol->section, buf,
-					       len, 0, NULL, file);
-	  if (ret < 0)
+	  buf = bfd_malloc (len);
+	  if (buf == NULL
+	      || !bfd_get_section_contents (abfd, symbol->section, buf,
+					    offset, len)
+	      || bfd_pef_parse_traceback_table (abfd, symbol->section, buf,
+						len, 0, NULL, file) < 0)
 	    fprintf (file, " [ERROR]");
 	  free (buf);
 	}
diff --git a/bfd/som.c b/bfd/som.c
index 4c9dcaee67..5145651c3d 100644
--- a/bfd/som.c
+++ b/bfd/som.c
@@ -3309,13 +3309,16 @@  som_write_space_strings (bfd *abfd,
   /* Chunk of memory that we can use as buffer space, then throw
      away.  */
   size_t tmp_space_size = SOM_TMP_BUFSIZE;
-  char *tmp_space = xmalloc (tmp_space_size);
+  char *tmp_space = bfd_malloc (tmp_space_size);
   char *p = tmp_space;
   unsigned int strings_size = 0;
   asection *section;
   bfd_size_type amt;
   bfd_size_type res;
 
+  if (tmp_space == NULL)
+    return FALSE;
+
   /* Seek to the start of the space strings in preparation for writing
      them out.  */
   if (bfd_seek (abfd, (file_ptr) current_offset, SEEK_SET) != 0)
@@ -3419,12 +3422,15 @@  som_write_symbol_strings (bfd *abfd,
   /* Chunk of memory that we can use as buffer space, then throw
      away.  */
   size_t tmp_space_size = SOM_TMP_BUFSIZE;
-  char *tmp_space = xmalloc (tmp_space_size);
+  char *tmp_space = bfd_malloc (tmp_space_size);
   char *p = tmp_space;
   unsigned int strings_size = 0;
   bfd_size_type amt;
   bfd_size_type res;
 
+  if (tmp_space == NULL)
+    return FALSE;
+
   /* This gets a bit gruesome because of the compilation unit.  The
      strings within the compilation unit are part of the symbol
      strings, but don't have symbol_dictionary entries.  So, manually