chicken-hackers
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Chicken-hackers] [PATCH] Another argvector memcpy misuse causing segfau


From: Peter Bex
Subject: [Chicken-hackers] [PATCH] Another argvector memcpy misuse causing segfaults
Date: Sat, 5 Sep 2015 17:24:54 +0200
User-agent: Mutt/1.5.21 (2010-09-15)

Hi all,

Alexander Shendi reported that syntax-tests.scm triggered a segfault
on OpenBSD 5.7, but only when compiling with clang.  I was able to
reproduce it in a VM, and the stack trace pointed to C_apply at
runtime.c:5975.

The stack trace contained a call to C_apply which was called from
C_apply!  That means that in some cases C_apply may call itself,
and it will do so with C_temporary_stack_limit as the argvector.
Then, when the second C_apply copies its argvector onto the
temporary stack, that will trigger an overlapping copy onto the
same memory region.

The attached patch fixes this problem, and I've also found another
suspicious call to memcpy on an argvector which I've also replaced
with memmove, "just in case".  The remaining memcpy calls are only
done with freshly stack-allocated argvectors, so I think those are
fine.

Please apply to master and chicken-5.

Cheers,
Peter

Attachment: 0001-Replace-two-more-memcpy-calls-with-memmove.patch
Description: Text Data

Attachment: signature.asc
Description: Digital signature


reply via email to

[Prev in Thread] Current Thread [Next in Thread]