Inicio Explorar Axuda
Rexistro Iniciar sesión
oss
/
uclibc-ng
4
1
Fork 0
Ficheiros Incidencias 3 Pull Requests 0 Wiki
Explorar o código

uClibc 0.9.19 has a bug in globfree(). If the previous call to
glob(...,pglob) used the GLOB_DOOFFS flag to reserve the first
pglob->gl_offs slots of pglob->gl_pathv, globfree(pglob) would attempt
to free the objects pointed to by those slots. If those objects were not
on the heap, the system would crash.

The attached patch fixes this.

Norm

Eric Andersen %!s(int64=23) %!d(string=hai) anos
pai
80e9ca2206
achega
2cb53e303f
Modificáronse 1 ficheiros con 2 adicións e 2 borrados
Dividir vista Mostrar estatísticas de Diff
  1. 2 2
      libc/misc/glob/glob.c

+ 2 - 2
libc/misc/glob/glob.c
Ver ficheiro 

@@ -260,8 +260,8 @@ globfree (pglob)
 
 {
 
   if (pglob->gl_pathv != NULL)
 
     {
 
-      register int i;
 
-      for (i = 0; i < pglob->gl_pathc; ++i)
 
+      register int i = pglob->gl_flags & GLOB_DOOFFS? pglob->gl_offs : 0;
 
+      for (; i < pglob->gl_pathc; ++i)
 
 	if (pglob->gl_pathv[i] != NULL)
 
 	  free ((__ptr_t) pglob->gl_pathv[i]);
 
       free ((__ptr_t) pglob->gl_pathv);