This is the mail archive of the
libc-alpha@sourceware.org
mailing list for the glibc project.
[PATCH v1.1][BZ #15308] _dl_sort_fini reads memory already freed in dl-libc.c's libc_freeres
- From: OndÅej BÃlka <neleai at seznam dot cz>
- To: Andreas Schwab <schwab at linux-m68k dot org>
- Cc: libc-alpha at sourceware dot org
- Date: Mon, 14 Oct 2013 11:38:37 +0200
- Subject: [PATCH v1.1][BZ #15308] _dl_sort_fini reads memory already freed in dl-libc.c's libc_freeres
- Authentication-results: sourceware.org; auth=none
- References: <20131011181557 dot GA20916 at domone dot podge> <87li1ztui4 dot fsf at igel dot home>
On Fri, Oct 11, 2013 at 10:36:35PM +0200, Andreas Schwab wrote:
> OndÅej BÃlka <neleai@seznam.cz> writes:
>
> > * elf/dl-libc.c (libc_freeres_fn): Fix invalid read.
>
> This is not a good change log. It should say "Clear initfini list after
> freeing".
>
> Andreas.
>
> --
> Andreas Schwab, schwab@linux-m68k.org
> GPG Key fingerprint = 58CA 54C7 6D53 942B 1756 01D3 44D5 214B 8276 4ED5
> "And now for something completely different."
OK with this changelog?
--
* elf/dl-libc.c (libc_freeres_fn): Clear initfini list after freeing.
diff --git a/elf/dl-libc.c b/elf/dl-libc.c
index aba0d1a..397d898 100644
--- a/elf/dl-libc.c
+++ b/elf/dl-libc.c
@@ -286,6 +286,7 @@ libc_freeres_fn (free_mem)
/* Free the initfini dependency list. */
if (l->l_free_initfini)
free (l->l_initfini);
+ l->l_initfini = NULL;
}
if (__builtin_expect (GL(dl_ns)[ns]._ns_global_scope_alloc, 0) != 0