From 394227b2f91917af50116dd97e5055742a2cce28 Mon Sep 17 00:00:00 2001
From: Maciej
Date: Fri, 4 Feb 2022 19:35:38 +0100
Subject: [PATCH] LibCoredump: Fix use-after-free in Backtrace::object_info_for_region()

The first line was creating a StringView object with region name. Then, if the path didn't start with '/', it had assigned a String made from a temporary LexicalPath join result. This fixes the bug that only main executable's frames were displayed.
---
 Userland/Libraries/LibCoredump/Backtrace.cpp | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/Userland/Libraries/LibCoredump/Backtrace.cpp b/Userland/Libraries/LibCoredump/Backtrace.cpp
index fca165c4d5..9344eae399 100644
--- a/Userland/Libraries/LibCoredump/Backtrace.cpp
+++ b/Userland/Libraries/LibCoredump/Backtrace.cpp
@@ -19,7 +19,7 @@ namespace Coredump {
 ELFObjectInfo const* Backtrace::object_info_for_region(MemoryRegionInfo const& region)
 {
-    auto path = region.object_name();
+    String path = region.object_name();
     if (!path.starts_with('/') && Core::File::looks_like_shared_library(path))
         path = LexicalPath::join("/usr/lib", path).string();
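Review bot: Nothing at the `String path = region.object_name();` line records why the type is spelled out, so a later cleanup back to `auto` would silently reintroduce the dangling view this commit removes. I would add a comment above it such as `// Owning String on purpose: with auto this deduces a StringView, which dangles once the temporary from LexicalPath::join() below is destroyed.` The deduction to StringView is taken from the commit message, since the declaration of `object_name()` is not visible in this patch. The body of object_info_for_region() continues outside the hunk, so whether later code keeps further views of `path` cannot be checked from here.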