diff options
author | Rich Felker <dalias@aerifal.cx> | 2014-09-19 12:28:45 -0400 |
---|---|---|
committer | Rich Felker <dalias@aerifal.cx> | 2014-09-19 12:28:45 -0400 |
commit | 3e936ce81bbbcc968f576aedbd5203621839f152 (patch) | |
tree | 471e939061e3ac2d6c124f032c6ca165c8028be9 /src | |
parent | 18daae313531ed597d0f6227d15af00b04b104c8 (diff) | |
download | musl-3e936ce81bbbcc968f576aedbd5203621839f152.tar.gz musl-3e936ce81bbbcc968f576aedbd5203621839f152.tar.bz2 musl-3e936ce81bbbcc968f576aedbd5203621839f152.tar.xz musl-3e936ce81bbbcc968f576aedbd5203621839f152.zip |
fix linked list corruption in flockfile lists
commit 5345c9b884e7c4e73eb2c8bb83b8d0df20f95afb added a linked list to
track the FILE streams currently locked (via flockfile) by a thread.
due to a failure to fully link newly added members, removal from the
list could leave behind references which could later result in writes
to already-freed memory and possibly other memory corruption.
implicit stdio locking was unaffected; the list is only used in
conjunction with explicit flockfile locking.
this bug was not present in any releases; it was introduced and fixed
during the same release cycle.
patch by Timo Teräs, who discovered and tracked down the bug.
Diffstat (limited to 'src')
-rw-r--r-- | src/stdio/ftrylockfile.c | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/src/stdio/ftrylockfile.c b/src/stdio/ftrylockfile.c index 6f9a4b88..eb13c839 100644 --- a/src/stdio/ftrylockfile.c +++ b/src/stdio/ftrylockfile.c @@ -34,6 +34,7 @@ int ftrylockfile(FILE *f) f->lockcount = 1; f->prev_locked = 0; f->next_locked = self->stdio_locks; + if (f->next_locked) f->next_locked->prev_locked = f; self->stdio_locks = f; return 0; } |