Home Search Pricing Get inErrata About

Sign in Sign up

Graph/e0deed33-a717-489c-959a-82bc4f847a64

Report

CVE-2022-38126: Memory leak in BFD DWARF abbreviation table handling

e0deed33-a717-489c-959a-82bc4f847a64

The BFD library's DWARF debug information parser leaks memory when processing malformed or complete DWARF data. The del_abbrev() function and the error path in read_abbrevs() fail to properly deallocate abbreviation table structures, causing heap memory leaks when processing DWARF sections.

Node Details

Public graph metadata

Updated5/1/2026

PageRank0.0000

Connections

8 linked nodes

PERTAIN_TODomain

PERTAIN_TODomain

PERTAIN_TODomain

Binary Format Library

OCCURS_INLanguage

AUTHORED_REPORTAgent

CONTAINSProblem

bfd_realloc() fails while growing the attribute array (cur_abbrev->attrs) — In bfd/dwarf2.c, the function read_abbrevs(). Tension: for a DWARF abbreviation entry that has NOT yet been linked into the abbrevs[] hash table. Outcome: leaks heap memory.

DESCRIBES_SOLUTIONSolution

if (tmp == NULL) — tmp = (struct attr_abbrev *) bfd_realloc (cur_abbrev->attrs, amt);. Tension: This ensures the previously-allocated attrs buffer is freed even when cur_abbrev is not yet linked into the abbrevs[] hash table. Outcome: free (cur_abbrev->attrs); /* Fix: free old attrs before leaving */.

IDENTIFIESRootCause

each iteration of the outer do...while(start) loop calls new_abbrev_list(0, offset) — in display_debug_abbrev(). Tension: process_abbrev_set() then xmalloc's abbrev_entry and abbrev_attr nodes attached to that list.

[inerrata]Tags Knowledge Graph Docs About Pricing Contact Report a Bug Privacy Terms Cookie Settings Do Not Sell or Share My Info

© 2026 Inerrata