author | Mike Leach <mike.leach@linaro.org> | 2023-08-16 09:49:46 +0100 |
---|---|---|
committer | Mike Leach <mike.leach@linaro.org> | 2023-08-16 10:47:11 +0100 |
commit | d82287587c8e899bb691575f829e78e9a292009a (patch) | |
tree | 3323d81279362be0527703a67fcb31ba45d8a3d8 | |
parent | cdadb5031881e0db99f502585d571d28384e25b9 (diff) | |
download | OpenCSD-d82287587c8e899bb691575f829e78e9a292009a.tar.gz |
opencsd: etm4: fix overrun error in p0 stack erase from front. (github #53, #58)
Possible overrun error when using iterators in mispredictAtoms.
Fix p0 stack to ensure iterator cannot run past end() element & correctly
take reference on element for later deleting after iterator is erased.
Reported-by yabinc <yabinc@google.com> (github issue #53, #58)
Signed-off-by: Mike Leach <mike.leach@linaro.org>
-rw-r--r-- | decoder/source/etmv4/trc_etmv4_stack_elem.cpp | 9 |
1 files changed, 7 insertions, 2 deletions
diff --git a/decoder/source/etmv4/trc_etmv4_stack_elem.cpp b/decoder/source/etmv4/trc_etmv4_stack_elem.cpp index a5d8894..be7221c 100644 --- a/decoder/source/etmv4/trc_etmv4_stack_elem.cpp +++ b/decoder/source/etmv4/trc_etmv4_stack_elem.cpp @@ -181,13 +181,18 @@ TrcStackElem *EtmV4P0Stack::from_front_next() void EtmV4P0Stack::erase_curr_from_front() { std::deque<TrcStackElem *>::iterator erase_iter; + erase_iter = m_iter; erase_iter--; - m_P0_stack.erase(erase_iter); + TrcStackElem* pElem = *erase_iter; + + // prevent overrun if we are erasing the last element + // - end() returned if no elements after the erased one. + m_iter = m_P0_stack.erase(erase_iter); // explicitly delete the item here as the caller can no longer reference it. // fixes memory leak from github issue #52 - delete *erase_iter; + delete pElem; } |
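Review bot: `erase_iter--` in erase_curr_from_front() still runs with no visible check that m_iter is not m_P0_stack.begin(). If the function is ever reached before the iterator has stepped past an element, decrementing begin() is undefined behaviour and the new `*erase_iter` read is out of bounds. Consider an early return or an assert on `m_iter == m_P0_stack.begin()` ahead of the decrement. Taking m_iter from the return value of erase() and saving pElem before the erase both look right, since std::deque::erase invalidates the erased iterator and, for a mid-container erase, every other iterator as well. The new comment mentions only the end() case, so it would be worth extending it to say that the old m_iter cannot be reused after the erase at all.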