Fix null pointer dereference in get_private_path_and_zero_file (Symbian)

(back-port of commit 9d019e2e from 'master')

* extra/symbian.cpp (GC_get_private_path_and_zero_file): Do not call
memcpy() if allocation of copyChar is failed.
* os_dep.c [MMAP_SUPPORTED && !USE_MMAP_ANON] (zero_fd): Initialize
global variable to -1 (instead of 0).
* os_dep.c [MMAP_SUPPORTED && !USE_MMAP_ANON && SYMBIAN]
(GC_unix_mmap_get_mem): Do not call open() and free() if path is NULL.

diff --git a/extra/symbian.cpp b/extra/symbian.cpp
index 94dd4de4f386b766fd681b6482c9900e93f109e2..8fdee6f3400ca962949e280d941c6a9c18bfb7d6 100644 (file)
--- a/extra/symbian.cpp
+++ b/extra/symbian.cpp
@@ -45,7 +45,8 @@ char* GC_get_private_path_and_zero_file()
 
     size_t size = path8.Length() + 1;
     char* copyChar = (char*) malloc( size );
-    memcpy( copyChar, path8.PtrZ(), size );
+    if (copyChar)
+        memcpy( copyChar, path8.PtrZ(), size );
 
     return copyChar; // ownership passed
     }

diff --git a/os_dep.c b/os_dep.c
index 45ffe44aac6e1ae2832fe85a389bb9fccc35138b..b4cb05c344f78a5414a95d25b248b7cc93f75c80 100644 (file)
--- a/os_dep.c
+++ b/os_dep.c
@@ -2027,7 +2027,7 @@ void GC_register_data_segments(void)
 #   define OPT_MAP_ANON MAP_ANON
 # endif
 #else
-  static int zero_fd;
+  static int zero_fd = -1;
 # define OPT_MAP_ANON 0
 #endif
 
@@ -2045,9 +2045,11 @@ STATIC ptr_t GC_unix_mmap_get_mem(size_t bytes)
 
       if (!EXPECT(initialized, TRUE)) {
 #       ifdef SYMBIAN
-          char* path = GC_get_private_path_and_zero_file();
-          zero_fd = open(path, O_RDWR | O_CREAT, 0666);
-          free(path);
+          char *path = GC_get_private_path_and_zero_file();
+          if (path != NULL) {
+            zero_fd = open(path, O_RDWR | O_CREAT, 0666);
+            free(path);
+          }
 #       else
           zero_fd = open("/dev/zero", O_RDONLY);
 #       endif