public inbox for git-commits@fedoraproject.org
* [rpms/gdb] gdb-17.2-rebase-f44: Backport upstream fix for RHBZ 2237515
@ 2026-06-28  0:01 Andrew Burgess
From: Andrew Burgess @ 2026-06-28  0:01 UTC (permalink / raw)
  To: git-commits

            A new commit has been pushed.

            Repo   : rpms/gdb
            Branch : gdb-17.2-rebase-f44
            Commit : 60fc6a1e0f8ab38f6e3f19814fea2786c9813c68
            Author : Andrew Burgess <aburgess@redhat.com>
            Date   : 2023-09-13T15:31:17+01:00
            Stats  : +111/-0 in 5 file(s)
            URL    : https://src.fedoraproject.org/rpms/gdb/c/60fc6a1e0f8ab38f6e3f19814fea2786c9813c68?branch=gdb-17.2-rebase-f44

            Log:
            Backport upstream fix for RHBZ 2237515

Backport upstream commit f96328accde1e63 to fix a potential double
free issue in the debuginfod code (RHBZ 2237515).

---
diff --git a/_gdb.spec.Patch.include b/_gdb.spec.Patch.include
index 5764017..ac17a1d 100644
--- a/_gdb.spec.Patch.include
+++ b/_gdb.spec.Patch.include
@@ -207,3 +207,7 @@ Patch046: gdb-rhbz2160211-excessive-core-file-warnings.patch
 # when debuginfod makes use of particular openssl settings.
 Patch047: gdb-bz2196395-debuginfod-legacy-openssl-crash.patch
 
+# Backport upstream commit f96328accde1e63 to fix a potential double
+# free issue in the debuginfod code.
+Patch048: gdb-bz2237515-debuginfod-double-free.patch
+

diff --git a/_gdb.spec.patch.include b/_gdb.spec.patch.include
index 8258dc9..ef55dd0 100644
--- a/_gdb.spec.patch.include
+++ b/_gdb.spec.patch.include
@@ -45,3 +45,4 @@
 %patch -p1 -P045
 %patch -p1 -P046
 %patch -p1 -P047
+%patch -p1 -P048

diff --git a/_patch_order b/_patch_order
index ef3567d..d90b52f 100644
--- a/_patch_order
+++ b/_patch_order
@@ -45,3 +45,4 @@ gdb-binutils29988-read_indexed_address.patch
 gdb-rhbz2192105-ftbs-dangling-pointer
 gdb-rhbz2160211-excessive-core-file-warnings.patch
 gdb-bz2196395-debuginfod-legacy-openssl-crash.patch
+gdb-bz2237515-debuginfod-double-free.patch

diff --git a/gdb-bz2237515-debuginfod-double-free.patch b/gdb-bz2237515-debuginfod-double-free.patch
new file mode 100644
index 0000000..9d72639
--- /dev/null
+++ b/gdb-bz2237515-debuginfod-double-free.patch
@@ -0,0 +1,102 @@
+From FEDORA_PATCHES Mon Sep 17 00:00:00 2001
+From: Tom Tromey <tromey@adacore.com>
+Date: Tue, 6 Dec 2022 12:07:12 -0700
+Subject: gdb-bz2237515-debuginfod-double-free.patch
+
+;; Backport upstream commit f96328accde1e63 to fix a potential double
+;; free issue in the debuginfod code.
+
+Avoid double-free with debuginfod
+
+PR gdb/29257 points out a possible double free when debuginfod is in
+use.  Aside from some ugly warts in the symbol code (an ongoing
+issue), the underlying issue in this particular case is that elfread.c
+seems to assume that symfile_bfd_open will return NULL on error,
+whereas in reality it throws an exception.  As this code isn't
+prepared for an exception, bad things result.
+
+This patch fixes the problem by introducing a non-throwing variant of
+symfile_bfd_open and using it in the affected places.
+
+Bug: https://sourceware.org/bugzilla/show_bug.cgi?id=29257
+
+diff --git a/gdb/elfread.c b/gdb/elfread.c
+--- a/gdb/elfread.c
++++ b/gdb/elfread.c
+@@ -1222,10 +1222,12 @@ elf_symfile_read_dwarf2 (struct objfile *objfile,
+ 
+       if (!debugfile.empty ())
+ 	{
+-	  gdb_bfd_ref_ptr debug_bfd (symfile_bfd_open (debugfile.c_str ()));
++	  gdb_bfd_ref_ptr debug_bfd
++	    (symfile_bfd_open_no_error (debugfile.c_str ()));
+ 
+-	  symbol_file_add_separate (debug_bfd, debugfile.c_str (),
+-				    symfile_flags, objfile);
++	  if (debug_bfd != nullptr)
++	    symbol_file_add_separate (debug_bfd, debugfile.c_str (),
++				      symfile_flags, objfile);
+ 	}
+       else
+ 	{
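Review bot: in the !debugfile.empty () branch, a separate debug file that is located but cannot be opened now yields only the warning printed by symfile_bfd_open_no_error, and symbol loading for this objfile is silently skipped because the else path is never entered. Consider falling through to the else path when debug_bfd is nullptr, or add a comment next to the "if (debug_bfd != nullptr)" check saying that skipping is intended.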
+@@ -1245,13 +1247,12 @@ elf_symfile_read_dwarf2 (struct objfile *objfile,
+ 	      if (fd.get () >= 0)
+ 		{
+ 		  /* File successfully retrieved from server.  */
+-		  gdb_bfd_ref_ptr debug_bfd (symfile_bfd_open (symfile_path.get ()));
++		  gdb_bfd_ref_ptr debug_bfd
++		    (symfile_bfd_open_no_error (symfile_path.get ()));
+ 
+-		  if (debug_bfd == nullptr)
+-		    warning (_("File \"%s\" from debuginfod cannot be opened as bfd"),
+-			     filename);
+-		  else if (build_id_verify (debug_bfd.get (), build_id->size,
+-					    build_id->data))
++		  if (debug_bfd != nullptr
++		      && build_id_verify (debug_bfd.get (), build_id->size,
++					  build_id->data))
+ 		    {
+ 		      symbol_file_add_separate (debug_bfd, symfile_path.get (),
+ 						symfile_flags, objfile);
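Review bot: the removed "debug_bfd == nullptr" branch carried the only message that said the unreadable file came from debuginfod ("File \"%s\" from debuginfod cannot be opened as bfd"); after this change an open failure is reported solely through warning ("%s", err.what ()) in symfile_bfd_open_no_error, which has no debuginfod context. If that context matters for bug reports, keep a short debuginfod-specific warning for the nullptr case in addition to the combined "debug_bfd != nullptr && build_id_verify (...)" condition.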
+diff --git a/gdb/symfile.c b/gdb/symfile.c
+--- a/gdb/symfile.c
++++ b/gdb/symfile.c
+@@ -1744,6 +1744,23 @@ symfile_bfd_open (const char *name)
+   return sym_bfd;
+ }
+ 
++/* See symfile.h.  */
++
++gdb_bfd_ref_ptr
++symfile_bfd_open_no_error (const char *name) noexcept
++{
++  try
++    {
++      return symfile_bfd_open (name);
++    }
++  catch (const gdb_exception_error &err)
++    {
++      warning ("%s", err.what ());
++    }
++
++  return nullptr;
++}
++
+ /* Return the section index for SECTION_NAME on OBJFILE.  Return -1 if
+    the section was not found.  */
+ 
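Review bot: symfile_bfd_open_no_error is declared noexcept but its handler is "catch (const gdb_exception_error &err)" only, so any other exception leaving symfile_bfd_open (a quit request or an allocation failure, for instance) ends in std::terminate instead of propagating. If that is the intended contract, say so in the comment; otherwise either drop noexcept or widen what is caught. The warning also passes err.what () through "%s" without the _() wrapper or any prefix, which is fine for an already formatted message but worth a one-line comment.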
+diff --git a/gdb/symfile.h b/gdb/symfile.h
+--- a/gdb/symfile.h
++++ b/gdb/symfile.h
+@@ -269,6 +269,11 @@ extern void set_initial_language (void);
+ 
+ extern gdb_bfd_ref_ptr symfile_bfd_open (const char *);
+ 
++/* Like symfile_bfd_open, but will not throw an exception on error.
++   Instead, it issues a warning and returns nullptr.  */
++
++extern gdb_bfd_ref_ptr symfile_bfd_open_no_error (const char *) noexcept;
++
+ extern int get_section_index (struct objfile *, const char *);
+ 
+ extern int print_symbol_loading_p (int from_tty, int mainline, int full);

diff --git a/gdb.spec b/gdb.spec
index 75190c7..3cca409 100644
--- a/gdb.spec
+++ b/gdb.spec
@@ -1252,6 +1252,9 @@ fi
 %endif
 
 %changelog
+* Wed Aug 13 2023 Andrew Burgess <aburgess@redhat.com>
+- Backport upstream commit f96328accde1e63, which fixes RHBZ 2237515.
+
 * Wed Aug  9 2023 Guinevere Larsen <blarsen@redhat.com>
 - Remove gdb-6.7-testsuite-stable-results.patch, it only made the test
   fail more.
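Review bot: the new %changelog entry is dated "Wed Aug 13 2023", but 13 August 2023 was a Sunday (the entry directly below is "Wed Aug  9 2023"), and the commit itself is dated 2023-09-13, which was a Wednesday. This looks like a month typo; "Wed Sep 13 2023" would match the commit date and avoid rpm's bogus-date warning for %changelog.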
