Movatterモバイル変換

This is the mail archive of thelibc-alpha@sourceware.orgmailing list for theglibc project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

Re: [PATCH] iconv_open: Fix heap corruption on gconv_init failure [BZ #22026]

From: Andreas Schwab <schwab at suse dot de>
To: fweimer at redhat dot com (Florian Weimer)
Cc: libc-alpha at sourceware dot org
Date: Tue, 29 Aug 2017 17:06:57 +0200
Subject: Re: [PATCH] iconv_open: Fix heap corruption on gconv_init failure [BZ #22026]
Authentication-results: sourceware.org; auth=none
References: <20170829145554.680BF4015E8BE@oldenburg.str.redhat.com>

On Aug 29 2017, fweimer@redhat.com (Florian Weimer) wrote:> diff --git a/iconv/gconv_db.c b/iconv/gconv_db.c> index b748467de5..de3e5d92fe 100644> --- a/iconv/gconv_db.c> +++ b/iconv/gconv_db.c> @@ -318,9 +318,12 @@ gen_steps (struct derivation_step *best, const char *toset,>    if (__builtin_expect (status, __GCONV_OK) != __GCONV_OK)>      {>        failed = 1;> -      /* Make sure we unload this modules.  */> -      --step_cnt;> +      /* Do not call the end function because the init> + function has failed.  */>        result[step_cnt].__end_fct = NULL;> +# ifdef PTR_MANGLE> +      PTR_MANGLE (result[step_cnt].__end_fct);> +# endifYou still need to decrement step_cnt, otherwise you have a resourceleak.Andreas.-- Andreas Schwab, SUSE Labs, schwab@suse.deGPG Key fingerprint = 0196 BAD8 1CE9 1970 F4BE  1748 E4D4 88E3 0EEA B9D7"And now for something completely different."

Follow-Ups:
- Re: [PATCH] iconv_open: Fix heap corruption on gconv_init failure [BZ #22026]
  - From: Florian Weimer

References:
- [PATCH] iconv_open: Fix heap corruption on gconv_init failure [BZ #22026]
  - From: Florian Weimer

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]

[8]ページ先頭