[bug-inetutils] [patch] buffer released too early


From: Pedro Alves
Subject: [bug-inetutils] [patch] buffer released too early
Date: Sun, 02 Sep 2007 23:36:50 +0100
User-agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; pt-BR; rv:1.8.1.6) Gecko/20070728 Thunderbird/2.0.0.6 Mnenhy/0.7.5.0

(please cc me)

Hi all,

I was testing a half-baked port of rcp to ARM Windows CE, and
was seeing some memory corruptions.  It turned out the culprit
was that a buffer is being released, and the dangling pointer
is used afterwards.  My malloc implementation was returning
the just released memory on the next opendir call, and, then,
well, it should be pretty obvious.

The attached patch is against 1.5, but looking at webcvs
I see that the same problem still exists on head.

It fixes the problem with my port.  I didn't test it with
anything else.

Cheers,
Pedro Alves
2007-09-02  Pedro Alves  <address@hidden>

        * rcp/rcp.c: Delay buf release to after source call.

*** rcp/rcp.c.org       Sun Sep  2 22:58:42 2007
--- rcp/rcp.c   Sun Sep  2 22:59:48 2007
*************** rsource (char *name, struct stat *statp)
*** 655,663 ****
  
        sprintf (buf, "%s/%s", name, dp->d_name);
        vect[0] = buf;
-       free (buf);
  
        source(1, vect);
      }
  
    closedir (dirp);
--- 655,663 ----
  
        sprintf (buf, "%s/%s", name, dp->d_name);
        vect[0] = buf;
  
        source(1, vect);
+       free (buf);
      }
  
    closedir (dirp);
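
Review bot: After the relocated free (buf) in the new side of the hunk, vect[0] still holds the freed address until the next loop iteration reassigns it. Consider adding vect[0] = NULL; right after free (buf); so any later use fails loudly instead of reading memory the allocator has recycled, which is the failure described in the report. The new ordering is also only safe if source() does not keep vect[0] past its return; a short comment above the call stating that assumption would help the next reader. Separately, sprintf (buf, "%s/%s", name, dp->d_name) is unbounded and the allocation of buf is not visible in this hunk, so please confirm it is sized for both strings plus the separator and terminator, or switch to snprintf with the allocated length.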
