summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorRich Felker <dalias@aerifal.cx>2014-09-19 12:28:45 -0400
committerRich Felker <dalias@aerifal.cx>2014-09-19 12:28:45 -0400
commit3e936ce81bbbcc968f576aedbd5203621839f152 (patch)
tree471e939061e3ac2d6c124f032c6ca165c8028be9
parent18daae313531ed597d0f6227d15af00b04b104c8 (diff)
downloadmusl-3e936ce81bbbcc968f576aedbd5203621839f152.tar.gz
musl-3e936ce81bbbcc968f576aedbd5203621839f152.tar.bz2
musl-3e936ce81bbbcc968f576aedbd5203621839f152.tar.xz
musl-3e936ce81bbbcc968f576aedbd5203621839f152.zip
fix linked list corruption in flockfile lists
commit 5345c9b884e7c4e73eb2c8bb83b8d0df20f95afb added a linked list to track the FILE streams currently locked (via flockfile) by a thread. due to a failure to fully link newly added members, removal from the list could leave behind references which could later result in writes to already-freed memory and possibly other memory corruption. implicit stdio locking was unaffected; the list is only used in conjunction with explicit flockfile locking. this bug was not present in any releases; it was introduced and fixed during the same release cycle. patch by Timo Teräs, who discovered and tracked down the bug.
-rw-r--r--src/stdio/ftrylockfile.c1
1 files changed, 1 insertions, 0 deletions
diff --git a/src/stdio/ftrylockfile.c b/src/stdio/ftrylockfile.c
index 6f9a4b88..eb13c839 100644
--- a/src/stdio/ftrylockfile.c
+++ b/src/stdio/ftrylockfile.c
@@ -34,6 +34,7 @@ int ftrylockfile(FILE *f)
f->lockcount = 1;
f->prev_locked = 0;
f->next_locked = self->stdio_locks;
+ if (f->next_locked) f->next_locked->prev_locked = f;
self->stdio_locks = f;
return 0;
}