https://gcc.gnu.org/bugzilla/show_bug.cgi?id=92217

            Bug ID: 92217
           Summary: compiler crash due to get_named_event_id not
                    initializing extra reallocated memory
           Product: gcc
           Version: unknown
            Status: UNCONFIRMED
          Severity: normal
          Priority: P3
         Component: plugins
          Assignee: unassigned at gcc dot gnu.org
          Reporter: pageexec at gmail dot com
  Target Milestone: ---

When trying to use get_named_event_id/etc for sending events from a plugin,
invoke_plugin_callbacks_full will likely segfault because XNEWVEC/XRESIZEVEC in
get_named_event_id don't initialize the extra part of the new memory block nor
does get_named_event_id memset it explicitly. Next, register_callback will then
link the new callback_info to whatever random memory content is found at
plugin_callbacks[event] and then invoke_plugin_callbacks_full will crash when
it tries to walk there.

This bug has been present since the beginning so I guess no one has ever tested
or used this facility before but it'd still be nice to get it fixed as it
simplifies certain inter-plugin communications a lot.

Thanks,
  PaX Team
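The failure mode described in the report, modelled as an added C example that is not GCC's code: a small event table whose callback array is grown without zeroing the new tail (the buggy path) next to one that clears it (the fixed path). The names get_named_event_id_buggy, get_named_event_id_fixed, poison_resize, register_callback and demo are hypothetical stand-ins; poison_resize fills fresh memory with 0xAA so that "uninitialized" is deterministic here rather than undefined, and slot_is_clean is the check a caller would want before walking the list.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Minimal model of a per-event callback list (hypothetical, not GCC's types). */
struct callback_info {
    const char *plugin_name;
    struct callback_info *next;
};

struct event_table {
    const char **names;                /* event names, indexed by event id */
    struct callback_info **callbacks;  /* list head per event id */
    int n_events;                      /* ids handed out so far */
    int n_alloc;                       /* slots allocated in both arrays */
};

/* Stand-in for XNEWVEC/XRESIZEVEC. Fresh bytes are poisoned with 0xAA so
   the buggy path below fails deterministically instead of "randomly". */
static void *poison_resize(void *p, size_t old_size, size_t new_size) {
    char *q = realloc(p, new_size);
    if (!q) abort();
    if (new_size > old_size)
        memset(q + old_size, 0xAA, new_size - old_size);
    return q;
}

static int find_event(const struct event_table *t, const char *name) {
    for (int i = 0; i < t->n_events; i++)
        if (strcmp(t->names[i], name) == 0) return i;
    return -1;
}

/* Grows both arrays and returns the old allocation size. */
static int grow(struct event_table *t) {
    int old = t->n_alloc;
    t->n_alloc = old ? old * 2 : 4;
    t->names = poison_resize(t->names, old * sizeof *t->names,
                             t->n_alloc * sizeof *t->names);
    t->callbacks = poison_resize(t->callbacks, old * sizeof *t->callbacks,
                                 t->n_alloc * sizeof *t->callbacks);
    return old;
}

/* Buggy: the new tail of callbacks[] keeps whatever the allocator returned. */
static int get_named_event_id_buggy(struct event_table *t, const char *name) {
    int id = find_event(t, name);
    if (id >= 0) return id;
    if (t->n_events == t->n_alloc) grow(t);
    t->names[t->n_events] = name;
    return t->n_events++;
}

/* Fixed: every newly allocated slot starts as an empty list. */
static int get_named_event_id_fixed(struct event_table *t, const char *name) {
    int id = find_event(t, name);
    if (id >= 0) return id;
    if (t->n_events == t->n_alloc) {
        int old = grow(t);
        memset(t->callbacks + old, 0, (t->n_alloc - old) * sizeof *t->callbacks);
    }
    t->names[t->n_events] = name;
    return t->n_events++;
}

/* Pushes onto the list head, linking to whatever is already there. */
static void register_callback(struct event_table *t, int id, const char *plugin) {
    struct callback_info *ci = malloc(sizeof *ci);
    if (!ci) abort();
    ci->plugin_name = plugin;
    ci->next = t->callbacks[id];
    t->callbacks[id] = ci;
}

/* Invariant a walker relies on: an event with no callbacks has a NULL head. */
static int slot_is_clean(const struct event_table *t, int id) {
    return t->callbacks[id] == NULL;
}

static int count_callbacks(const struct event_table *t, int id) {
    int n = 0;
    for (struct callback_info *ci = t->callbacks[id]; ci; ci = ci->next) n++;
    return n;
}

/* Returns the number of callbacks found on a fresh event, or -1 if the new
   slot already held garbage (walking it would be the reported crash). */
static int demo(int (*get_id)(struct event_table *, const char *)) {
    struct event_table t = {0};
    int id = get_id(&t, "PLUGIN_CUSTOM_EVENT");
    int result = -1;
    if (slot_is_clean(&t, id)) {
        register_callback(&t, id, "plugin_a");
        register_callback(&t, id, "plugin_b");
        result = count_callbacks(&t, id);
        for (struct callback_info *ci = t.callbacks[id]; ci;) {
            struct callback_info *next = ci->next;
            free(ci);
            ci = next;
        }
    }
    free(t.names);
    free(t.callbacks);
    return result;
}

int main(void) {
    printf("buggy growth: %d\n", demo(get_named_event_id_buggy));
    printf("fixed growth: %d\n", demo(get_named_event_id_fixed));
    return 0;
}
```

In a real build the garbage is whatever the heap held, so the buggy path may work by accident on one run and fault on the next; the deterministic poison here is only to make the difference between the two growth routines visible without undefined behaviour.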
