Home Explore Help
Register Sign In
oss
/
uclibc-ng
4
1
Fork 0
Files Issues 3 Pull Requests 0 Wiki
Browse Source

uClibc 0.9.19 has a bug in globfree(). If the previous call to
glob(...,pglob) used the GLOB_DOOFFS flag to reserve the first
pglob->gl_offs slots of pglob->gl_pathv, globfree(pglob) would attempt
to free the objects pointed to by those slots. If those objects were not
on the heap, the system would crash.

The attached patch fixes this.

Norm

Eric Andersen 22 years ago
parent
80e9ca2206
commit
2cb53e303f
1 changed files with 2 additions and 2 deletions
Split View Show Diff Stats
  1. 2 2
      libc/misc/glob/glob.c

+ 2 - 2
libc/misc/glob/glob.c
View File 

@@ -260,8 +260,8 @@ globfree (pglob)
 
 {
 
   if (pglob->gl_pathv != NULL)
 
     {
 
-      register int i;
 
-      for (i = 0; i < pglob->gl_pathc; ++i)
 
+      register int i = pglob->gl_flags & GLOB_DOOFFS? pglob->gl_offs : 0;
 
+      for (; i < pglob->gl_pathc; ++i)
 
 	if (pglob->gl_pathv[i] != NULL)
 
 	  free ((__ptr_t) pglob->gl_pathv[i]);
 
       free ((__ptr_t) pglob->gl_pathv);