From 3e936ce81bbbcc968f576aedbd5203621839f152 Mon Sep 17 00:00:00 2001 From: Rich Felker Date: Fri, 19 Sep 2014 12:28:45 -0400 Subject: fix linked list corruption in flockfile lists MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit commit 5345c9b884e7c4e73eb2c8bb83b8d0df20f95afb added a linked list to track the FILE streams currently locked (via flockfile) by a thread. due to a failure to fully link newly added members, removal from the list could leave behind references which could later result in writes to already-freed memory and possibly other memory corruption. implicit stdio locking was unaffected; the list is only used in conjunction with explicit flockfile locking. this bug was not present in any releases; it was introduced and fixed during the same release cycle. patch by Timo Teräs, who discovered and tracked down the bug. --- src/stdio/ftrylockfile.c | 1 + 1 file changed, 1 insertion(+) diff --git a/src/stdio/ftrylockfile.c b/src/stdio/ftrylockfile.c index 6f9a4b88..eb13c839 100644 --- a/src/stdio/ftrylockfile.c +++ b/src/stdio/ftrylockfile.c @@ -34,6 +34,7 @@ int ftrylockfile(FILE *f) f->lockcount = 1; f->prev_locked = 0; f->next_locked = self->stdio_locks; + if (f->next_locked) f->next_locked->prev_locked = f; self->stdio_locks = f; return 0; } -- cgit v1.2.1