]> granicus.if.org Git - strace/commit
projects / strace / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 4377e3a) | patch
Fix invalid free in trace_close_memstream
authorPierre Marsais <pierre.marsais@lse.epita.fr>
Sun, 4 Aug 2019 15:39:29 +0000 (16:39 +0100)
committerDmitry V. Levin <ldv@altlinux.org>
Sun, 4 Aug 2019 16:33:30 +0000 (16:33 +0000)
commit7df9a0049e31fdbe3fb14cf5d52a445c7ec2769d
treeb5cc8e8795be04594af5cb8d35f3b702665e0146tree | snapshot
parent4377e3a1535a0ec3a42da8a1366ad6943f4efa0ecommit | diff
Fix invalid free in trace_close_memstream

In maybe_switch_tcbs we exchange the pointers to the memstream's buffers
between 2 tcb, however the libc doesn't know and keeps updating the
tcb->memfptr as if the exchange didn't happen.  This leads to
unsynchronized tcb->memfptr and tcb->outf and invalid frees.
Adding a new indirection fixes the problem.

* stage_output.c (struct staged_output_data): New struct.
(strace_open_memstream, strace_close_memstream): Use it.
* defs.h (struct tcb): Replace real_outf, memfptr, and memfloc
with a pointer to struct staged_output_data.
* strace.c (maybe_switch_tcbs): Use it.
* syscall.c (print_syscall_resume): Ditto.

Signed-off-by: Pierre Marsais <pierre.marsais@lse.epita.fr>
defs.h diff | blob | history
stage_output.c diff | blob | history
strace.c diff | blob | history
syscall.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.