From bba393ad76c24436453425acef261d587a9e9a8b Mon Sep 17 00:00:00 2001
From: Ivan Maidanski
Date: Fri, 6 Apr 2018 09:32:12 +0300
Subject: [PATCH] Fix null pointer dereference in get_private_path_and_zero_file (Symbian) (back-port of commit 9d019e2e from 'master') * extra/symbian.cpp (GC_get_private_path_and_zero_file): Do not call memcpy() if allocation of copyChar is failed. * os_dep.c [MMAP_SUPPORTED && !USE_MMAP_ANON] (zero_fd): Initialize global variable to -1 (instead of 0). * os_dep.c [MMAP_SUPPORTED && !USE_MMAP_ANON && SYMBIAN] (GC_unix_mmap_get_mem): Do not call open() and free() if path is NULL.
---
 extra/symbian.cpp | 3 ++-
 os_dep.c | 10 ++++++----
 2 files changed, 8 insertions(+), 5 deletions(-)
diff --git a/extra/symbian.cpp b/extra/symbian.cpp
index 94dd4de4..8fdee6f3 100644
--- a/extra/symbian.cpp
+++ b/extra/symbian.cpp
@@ -45,7 +45,8 @@ char* GC_get_private_path_and_zero_file()
 size_t size = path8.Length() + 1;
 char* copyChar = (char*) malloc( size );
- memcpy( copyChar, path8.PtrZ(), size );
+ if (copyChar)
+ memcpy( copyChar, path8.PtrZ(), size );
 return copyChar; // ownership passed
 }
diff --git a/os_dep.c b/os_dep.c
index 45ffe44a..b4cb05c3 100644
--- a/os_dep.c
+++ b/os_dep.c
@@ -2027,7 +2027,7 @@ void GC_register_data_segments(void)
 # define OPT_MAP_ANON MAP_ANON
 # endif
 #else
- static int zero_fd;
+ static int zero_fd = -1;
 # define OPT_MAP_ANON 0
 #endif
@@ -2045,9 +2045,11 @@ STATIC ptr_t GC_unix_mmap_get_mem(size_t bytes)
 if (!EXPECT(initialized, TRUE)) {
 # ifdef SYMBIAN
- char* path = GC_get_private_path_and_zero_file();
- zero_fd = open(path, O_RDWR | O_CREAT, 0666);
- free(path);
+ char *path = GC_get_private_path_and_zero_file();
+ if (path != NULL) {
+ zero_fd = open(path, O_RDWR | O_CREAT, 0666);
+ free(path);
+ }
 # else
 zero_fd = open("/dev/zero", O_RDONLY);
 # endif
-- 
2.40.0
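Review bot: GC_get_private_path_and_zero_file can now return NULL when malloc() fails, but the only contract text on the return is `// ownership passed`, so a caller reading this file is not told to expect it. I would extend the comment to `return copyChar; // ownership passed (caller frees with free()); NULL if malloc() failed`. The new guard is also an unbraced single-statement `if`; writing it as `if (copyChar) { memcpy( copyChar, path8.PtrZ(), size ); }` would match the braced form this same commit uses in os_dep.c. The function body starts outside the hunk, so anything that can fail before `size` is computed is not covered here.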
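Review bot: The `-1` initializer on `zero_fd` carries meaning that is not written down next to the declaration. With the old implicit zero, an unopened `zero_fd` could not be told apart from descriptor 0, which is a valid descriptor (normally stdin). A short comment would keep a later cleanup from undoing it, for example `static int zero_fd = -1; /* -1: not opened yet; 0 would be a valid fd */`.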
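Review bot: When GC_get_private_path_and_zero_file() returns NULL, the new `if (path != NULL)` block is skipped and `zero_fd` silently keeps its -1 initializer; the same value results when open() itself fails, and nothing inside the hunk checks for either case. The check presumably sits after the `# endif`, outside the hunk, since the function body continues there. It is worth confirming that it runs before `zero_fd` is handed to mmap(), and that `initialized` is not set on the failure path so a failed attempt is not cached. A comment such as `/* on failure zero_fd stays -1; checked below */` inside the SYMBIAN branch would make the dependency explicit. Separately, the backing file is created with `O_RDWR | O_CREAT, 0666`; if no other process needs to open it, `0600` would be the least-privilege mode, assuming the platform honours mode bits.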