From 2ad073ec6d4e2be967f18c9907844404a7eed42e Mon Sep 17 00:00:00 2001
From: Andrew Kelley
Date: Mon, 12 Jun 2023 19:09:30 -0700
Subject: link/Plan9: fix UAF of symbol names

Long term, linker backends will need to manage their own string tables for things like this because my mandate is: no long-lived pointers allowed in any of the codepaths touched by incremental compilation, so that we can serialize and deserialize trivially. Short term, I solved this with a couple calls to Allocator.dupe, incurring some harmless leaks.
---
 src/link/Plan9.zig | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
(limited to 'src/link')

diff --git a/src/link/Plan9.zig b/src/link/Plan9.zig
index 2606dd7aac..c08754b57a 100644
--- a/src/link/Plan9.zig
+++ b/src/link/Plan9.zig
@@ -441,7 +441,7 @@ fn updateFinish(self: *Plan9, decl_index: Module.Decl.Index) !void {
 const sym: aout.Sym = .{
 .value = undefined, // the value of stuff gets filled in in flushModule
 .type = decl_block.type,
- .name = mod.intern_pool.stringToSlice(decl.name),
+ .name = try self.base.allocator.dupe(u8, mod.intern_pool.stringToSlice(decl.name)),
 };
 
 if (decl_block.sym_index) |s| {
@@ -741,7 +741,7 @@ fn addDeclExports(
 const sym = .{
 .value = decl_block.offset.?,
 .type = decl_block.type.toGlobal(),
- .name = exp_name,
+ .name = try self.base.allocator.dupe(u8, exp_name),
 };
 
 if (metadata.getExport(self, exp_name)) |i| {
-- 
cgit v1.2.3
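Review bot: The `+ .name = try self.base.allocator.dupe(...)` line in the updateFinish hunk makes `sym.name` heap-owned, but nothing in the hunk records that ownership, and the existing `if (decl_block.sym_index) |s|` branch presumably overwrites a previous `aout.Sym` whose name (also a dupe after this change) is never freed; the `.name` line in the addDeclExports hunk has the same shape, with the dupe performed before `metadata.getExport` decides whether an entry already exists. Since the commit message deliberately accepts the leaks, the reader-facing gap is documentation: I would add `// owned copy (self.base.allocator): intern_pool slices are not stable across incremental updates; not yet freed on overwrite/deinit` on both `.name` lines, so a later cleanup frees through the right allocator and nobody frees a slice that still aliases the intern pool. Both updateFinish and addDeclExports start and end outside their hunks, so where `sym` is stored and whether a `deinit` walks the symbol names cannot be confirmed from here.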