diff options
author | Rich Felker <dalias@aerifal.cx> | 2014-08-22 14:05:10 -0400 |
---|---|---|
committer | Rich Felker <dalias@aerifal.cx> | 2015-03-30 01:15:43 -0400 |
commit | 53f270f964ef645a3b6936c336d46f807974175b (patch) | |
tree | f9b7550fc9f8a06b0ce5a8bb72e52585b6a985d7 | |
parent | 6f5544ac2ee55f42d86fb661281e499b49c1a51b (diff) | |
download | musl-53f270f964ef645a3b6936c336d46f807974175b.tar.gz musl-53f270f964ef645a3b6936c336d46f807974175b.tar.bz2 musl-53f270f964ef645a3b6936c336d46f807974175b.tar.xz musl-53f270f964ef645a3b6936c336d46f807974175b.zip |
fix use of uninitialized memory with application-provided thread stacks
the subsequent code in pthread_create and the code which copies TLS
initialization images to the new thread's TLS space assume that the
memory provided to them is zero-initialized, which is true when it's
obtained by pthread_create using mmap. however, when the caller
provides a stack using pthread_attr_setstack, pthread_create cannot
make any assumptions about the contents. simply zero-filling the
relevant memory in this case is the simplest and safest fix.
(cherry picked from commit a6293285e930dbdb0eff47e29b513ca22537b1a2)
-rw-r--r-- | src/thread/pthread_create.c | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/src/thread/pthread_create.c b/src/thread/pthread_create.c index 02b966ab..f1d286be 100644 --- a/src/thread/pthread_create.c +++ b/src/thread/pthread_create.c @@ -3,6 +3,7 @@ #include "stdio_impl.h" #include "libc.h" #include <sys/mman.h> +#include <string.h> static void dummy_0() { @@ -161,6 +162,7 @@ int pthread_create(pthread_t *restrict res, const pthread_attr_t *restrict attrp if (need < size/8 && need < 2048) { tsd = stack - __pthread_tsd_size; stack = tsd - libc.tls_size; + memset(stack, 0, need); } else { size = ROUND(need); guard = 0; |