From nobody Sat Feb 7 05:01:25 2026 Received: from mail-pf1-f180.google.com (mail-pf1-f180.google.com [209.85.210.180]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 7F5C71E3DF2 for ; Sun, 18 Jan 2026 06:56:49 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.210.180 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1768719410; cv=none; b=TxRDVbZydDWczbHR4EAisTvz2nr7FozXR03F1KHGkMIRdmZrCq/5VyHxs05xph2NIdkPxUYNF4zu35COboir9kRG+dnAAmjviNbd17qonGZ61bpXkiMXp1D5YUN2CYnlvk1l2qu4zje0cRoa/eMxqLPiDmbIzwdAJ1B0XuyXe3U= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1768719410; c=relaxed/simple; bh=0ZTUs8qpdQsFO7x4fl+k8kbBa/K49i4FE0QQzYnFfyo=; h=From:To:Cc:Subject:Date:Message-Id:MIME-Version; b=hrU+V7QtGGoDLqdGZ6xTE5S1k/hDk8OQ+ir9nR4Uk16756UVRJZvNeW6o0PigDyZDQXIcSxGSo83YgIrqLJUo/I/JBDpM/7aXEN98SqGN8pkJ89+XbSOAa99WCKigC470gkEZXFxPCFqGd4fBO3Ky+9YEMeee7hgbODD3upiwIA= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com; spf=pass smtp.mailfrom=gmail.com; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b=itFgYO4W; arc=none smtp.client-ip=209.85.210.180 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gmail.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="itFgYO4W" Received: by mail-pf1-f180.google.com with SMTP id d2e1a72fcca58-81ef4b87291so1715661b3a.0 for ; Sat, 17 Jan 2026 22:56:49 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1768719409; x=1769324209; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:message-id:date:subject:cc :to:from:from:to:cc:subject:date:message-id:reply-to; bh=IU4SwY2OAS9VPKl86Zf4xaMhtCT0u1DC3H0rGz0U9mA=; b=itFgYO4WepBCfOElilHFBVKKzYZebu703E4kPNynkziKCoKU1nOK4nXZI4O02eD77L PKDyZSf/QyWK8hBY/Zh8sk7icM520LIXODvPTsO0hQMfAHdzTX5Q73YzEA39g//kJAUF Ouukjqy+99QYG3g7VSAdvCAA6GHPKfh5tm0u0R4GZuhfMYaDxErynu6whUzqh7sDfQZj QbLQQGb4hEwvurSoSh1YbF27/z7o7ZSA7xa3CNqNfaxxDwk2vaCb3/NPxHRtwBzD/krn NBucK+P972mAsurF9HW5IEpTuWJZ4v1lGRI/S9ZIXQdd0bK4CsYOBpdk66q3+aAvPdw/ KaCA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1768719409; x=1769324209; h=content-transfer-encoding:mime-version:message-id:date:subject:cc :to:from:x-gm-gg:x-gm-message-state:from:to:cc:subject:date :message-id:reply-to; bh=IU4SwY2OAS9VPKl86Zf4xaMhtCT0u1DC3H0rGz0U9mA=; b=f2ttLc38Hf6aFHbeXryiIYeWgq1CmGAMgkQvynYKeYiXIWnGWtk3qjDqAv4DJSlFvy s5dr9nf6ah0Nt9sDxfocIb2gQGMxUrmMnsKLxBNO9xaNto1ae52Bxd3mQ9pBVakNH/DH NDKGMExnHMU4YIWstr4R2UK917Ev8wvJagTfZXwSOC8awB/exLxzbfXXheP0ty/ZdSwF vgcYUpW5FL4Bc10lqOUEE2WDp5DTqC6uydGXQleWM4MuRz3/ihzXXxY1qJtuFYM30zbX OGkvuDj83QMLZE39j7lH7pidkbqbNRerVDe/m+VMGNS1Oh9eqil9LkJl0EtxvSSE/FZK +Qyw== X-Gm-Message-State: AOJu0YwuNH0k+Z2YPPh+G9OE5xi+KyIGV3blLMXBJpsApzutJahv9wQN gXW6VQ+7G4QMCL6ju3BiMauhfC0wOF6Dwd7AHbO9Hp954KkJzBwKwbVg X-Gm-Gg: AY/fxX4IFKYxYBJExqQcgUoazYIcWfbOhBjxi4eFwGVTQ+rXfanC2nFm7zmkkXW9MLZ YkhrX1HmXXQqUo7q+Tgg7CYVf0hR5mEvIBjmN358jYfLA30/lbS2MF3sJLnCC65KJqIVfZDXiYL S1RArhkA0KBPLC9usliIJw+PRdSxH1YcCAvMVlMiXp0Cn/EFS2wEK1hMMCBMF37QJQKwkOyud0s DXvD8NOJyCeRlV9rY4RYdwMdiu6PiRLmLNj3vMXK6YMKRGr6UYPYMUZ6XXz3I7AvHgHpQ7xK5ZG x41pAc8E6ud9CyGM9Dbutp7dcakXrHJPQrI4LQfkNoE4GkXKRUI3ANKDGXn16B/rSwjKXuvfklV uP3IVhaDPgwp1YX3/3tmMDG4+s4BtYcET4AzypsUmrvcUiUTHk9VeF3cWQ9P71hz81ONd41MPT8 ahApnUoh5Z1WFibUEr6sHxZ4jJYBfSO8c0wIfb7MejCmWeB+yHgYdZSOCaUV1iCHmGdz8fYcXVU 0g9ZY5jr7AjfdOCp+vS4EGXRtDZ4Y8eBsHX3j/PTNjWxGw= X-Received: by 2002:a05:6a00:4c9b:b0:81f:50ea:5d97 with SMTP id d2e1a72fcca58-81fa0355280mr6730742b3a.44.1768719408867; Sat, 17 Jan 2026 22:56:48 -0800 (PST) Received: from c8971f1abf06.ap-southeast-2.compute.internal (ec2-54-252-206-51.ap-southeast-2.compute.amazonaws.com. [54.252.206.51]) by smtp.gmail.com with ESMTPSA id d2e1a72fcca58-81fa1291135sm5879155b3a.47.2026.01.17.22.56.46 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sat, 17 Jan 2026 22:56:48 -0800 (PST) From: Weigang He To: Josh Poimboeuf , Peter Zijlstra Cc: linux-kernel@vger.kernel.org, Weigang He Subject: [PATCH] objtool: Fix memory leak in elf_alloc_reloc() on realloc failure Date: Sun, 18 Jan 2026 06:56:43 +0000 Message-Id: <20260118065643.924837-1-geoffreyhe2@gmail.com> X-Mailer: git-send-email 2.34.1 Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" When realloc() fails in elf_alloc_reloc(), the original buffer pointer is overwritten with NULL before the failure is detected. This causes the original buffer to become unreachable, resulting in a memory leak. Fix this by using a temporary variable to hold the realloc() result. If realloc() fails, free the original buffer and set d_buf to NULL to maintain the expected error state before returning -1. This bug is found by my static analysis tool and my code review. Signed-off-by: Weigang He --- tools/objtool/elf.c | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/tools/objtool/elf.c b/tools/objtool/elf.c index 6a8ed9c62323e..e47c5c4f25314 100644 --- a/tools/objtool/elf.c +++ b/tools/objtool/elf.c @@ -1521,12 +1521,15 @@ static int elf_alloc_reloc(struct elf *elf, struct = section *rsec) memcpy(rsec->data->d_buf, orig_buf, nr_relocs_old * elf_rela_size(elf)); } else { - rsec->data->d_buf =3D realloc(rsec->data->d_buf, - nr_alloc * elf_rela_size(elf)); - if (!rsec->data->d_buf) { + void *new_d_buf =3D realloc(rsec->data->d_buf, + nr_alloc * elf_rela_size(elf)); + if (!new_d_buf) { ERROR_GLIBC("realloc"); + free(rsec->data->d_buf); + rsec->data->d_buf =3D NULL; return -1; } + rsec->data->d_buf =3D new_d_buf; } =20 rsec->nr_alloc_relocs =3D nr_alloc; --=20 2.34.1