From: Rich Felker Date: Fri, 19 Sep 2014 16:28:45 +0000 (-0400) Subject: fix linked list corruption in flockfile lists X-Git-Tag: v1.1.5~14 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=3e936ce81bbbcc968f576aedbd5203621839f152;p=musl fix linked list corruption in flockfile lists commit 5345c9b884e7c4e73eb2c8bb83b8d0df20f95afb added a linked list to track the FILE streams currently locked (via flockfile) by a thread. due to a failure to fully link newly added members, removal from the list could leave behind references which could later result in writes to already-freed memory and possibly other memory corruption. implicit stdio locking was unaffected; the list is only used in conjunction with explicit flockfile locking. this bug was not present in any releases; it was introduced and fixed during the same release cycle. patch by Timo Teräs, who discovered and tracked down the bug. --- diff --git a/src/stdio/ftrylockfile.c b/src/stdio/ftrylockfile.c index 6f9a4b88..eb13c839 100644 --- a/src/stdio/ftrylockfile.c +++ b/src/stdio/ftrylockfile.c @@ -34,6 +34,7 @@ int ftrylockfile(FILE *f) f->lockcount = 1; f->prev_locked = 0; f->next_locked = self->stdio_locks; + if (f->next_locked) f->next_locked->prev_locked = f; self->stdio_locks = f; return 0; }
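Review bot: the added back-link line in ftrylockfile(), `if (f->next_locked) f->next_locked->prev_locked = f;`, is correct for head insertion, but nothing in the hunk documents the invariant it restores. Suggest a one-line comment above the link assignments stating that every node's prev_locked must point at its predecessor (0 for the head) and that the old head has to be updated when a new stream is pushed onto self->stdio_locks. The commit message ties the missing link to stale references on removal and later writes to freed memory, so the removal code, which is not part of this diff, should be checked to confirm it updates both neighbours and self->stdio_locks symmetrically. A regression test would also help: lock two streams with flockfile on one thread, release and close them in both orders, and run it under a memory checker.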