]> git.ipfire.org Git - thirdparty/glibc.git/commitdiff
projects / thirdparty / glibc.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 0e8e593)
posix: Fix posix_spawn invalid memory access
authorAdhemerval Zanella <adhemerval.zanella@linaro.com>
Sun, 20 Mar 2016 20:35:24 +0000 (17:35 -0300)
committerAdhemerval Zanella <adhemerval.zanella@linaro.com>
Sun, 20 Mar 2016 21:17:52 +0000 (18:17 -0300)
Current Linux posix_spawn spawn do not test if the pid argument is
valid before trying to update it for success case.  This patch fixes
it.

Tested on x86_64 and i686.

* sysdeps/unix/sysv/linux/spawni.c (__spawnix): Fix invalid memory
access where posix_spawn success and pid argument is null.
* posix/tst-spawn.c (do_test): Add posix_spawn null pid argument for
success case.

ChangeLog patch | blob | blame | history
posix/tst-spawn.c patch | blob | blame | history
sysdeps/unix/sysv/linux/spawni.c patch | blob | blame | history

diff --git a/ChangeLog b/ChangeLog
index ceee215e3e04208860fa6c93190978fa499fa7f6..6bd5a117699fa824d3dd6b8053741fe4196c2a2a 100644 (file)
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,10 @@
+2016-03-20  Adhemerval Zanella  <adhemerval.zanella@linaro.org>
+
+       * sysdeps/unix/sysv/linux/spawni.c (__spawnix): Fix invalid memory
+       access where posix_spawn success and pid argument is null.
+       * posix/tst-spawn.c (do_test): Add posix_spawn null pid argument for
+       success case.
+
 2016-03-20  Samuel Thibault  <samuel.thibault@ens-lyon.org>:
 
        * sysdeps/mach/hurd/i386/c++-types.data: New file.
diff --git a/posix/tst-spawn.c b/posix/tst-spawn.c
index 68f435789f9fed0afb836a427fabdddb2c4bee10..c04609864e42118c0a6afa830d2d7e43be342456 100644 (file)
--- a/posix/tst-spawn.c
+++ b/posix/tst-spawn.c
@@ -257,6 +257,10 @@ do_test (int argc, char *argv[])
    if (posix_spawn (&pid, argv[1], &actions, NULL, spargv, environ) != 0)
      error (EXIT_FAILURE, errno, "posix_spawn");
 
+   /* Same test but with a NULL pid argument.  */
+   if (posix_spawn (NULL, argv[1], &actions, NULL, spargv, environ) != 0)
+     error (EXIT_FAILURE, errno, "posix_spawn");
+
    /* Cleanup.  */
    if (posix_spawn_file_actions_destroy (&actions) != 0)
      error (EXIT_FAILURE, errno, "posix_spawn_file_actions_destroy");
diff --git a/sysdeps/unix/sysv/linux/spawni.c b/sysdeps/unix/sysv/linux/spawni.c
index 454462be47356a8947d3e786bc10631bef0882fc..cb80cea00fcd958c743dd2555a318c48cabff62d 100644 (file)
--- a/sysdeps/unix/sysv/linux/spawni.c
+++ b/sysdeps/unix/sysv/linux/spawni.c
@@ -381,7 +381,7 @@ __spawnix (pid_t * pid, const char *file,
 
   close_not_cancel (args.pipe[0]);
 
-  if (!ec && new_pid)
+  if (!ec && pid)
     *pid = new_pid;
 
   __sigprocmask (SIG_SETMASK, &args.oldmask, 0);
A mirror of the official glibc repository