[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[hurd] 07/98: proc: fix a use-after-free error
|
From: |
Samuel Thibault |
|
Subject: |
[hurd] 07/98: proc: fix a use-after-free error |
|
Date: |
Tue, 14 Jan 2014 01:59:58 +0000 |
This is an automated email from the git hooks/post-receive script.
sthibault pushed a commit to branch upstream
in repository hurd.
commit 20fdd28047bfe8fabb7cebbda49386f4cab3c020
Author: Justus Winter <address@hidden>
Date: Wed Nov 6 14:55:47 2013 +0100
proc: fix a use-after-free error
If we have to create a new process group, we have to do this before
leaving the current one. The current process group is deallocated if
the process is the last process in that group. Likewise, if the
current group was the last group in the current groups session, the
session is deallocated.
Found using the Clang Static Analyzer.
* proc/pgrp.c (S_proc_setpgrp): Fix use-after-free error.
---
proc/pgrp.c | 8 +++++++-
1 file changed, 7 insertions(+), 1 deletion(-)
diff --git a/proc/pgrp.c b/proc/pgrp.c
index d4ea9ee..a828e17 100644
--- a/proc/pgrp.c
+++ b/proc/pgrp.c
@@ -341,8 +341,14 @@ S_proc_setpgrp (struct proc *callerp,
if (p->p_pgrp != pg)
{
+ /* If we have to create a new pgrp, we have to do this before
+ leaving the current one. p->p_pgrp is deallocated if p is
+ the last process in that group. Likewise, if p->p_pgrp was
+ the last group in p->p_pgrp->pg_session, the session is
+ deallocated. */
+ struct pgrp *new = pg ? pg : new_pgrp (pgid, p->p_pgrp->pg_session);
leave_pgrp (p);
- p->p_pgrp = pg ? pg : new_pgrp (pgid, p->p_pgrp->pg_session);
+ p->p_pgrp = new;
join_pgrp (p);
}
else
--
Alioth's /usr/local/bin/git-commit-notice on
/srv/git.debian.org/git/pkg-hurd/hurd.git
- [hurd] 77/98: trans/fakeroot: fix ownership of newly created files, (continued)
- [hurd] 77/98: trans/fakeroot: fix ownership of newly created files, Samuel Thibault, 2014/01/13
- [hurd] 64/98: libihash: remove dead code, Samuel Thibault, 2014/01/13
- [hurd] 74/98: trans: unlock nodes with faked attributes in fakeroot, Samuel Thibault, 2014/01/13
- [hurd] 75/98: console-client: remove spurious pthread_spin_unlocks, Samuel Thibault, 2014/01/13
- [hurd] 62/98: trans: make the fakeroot environment more transparent, Samuel Thibault, 2014/01/13
- [hurd] 14/98: proc: turn count_up and store_pid into normal functions, Samuel Thibault, 2014/01/13
- [hurd] 67/98: trans: handle invalid responses to dir_lookup requests in fakeroot, Samuel Thibault, 2014/01/13
- [hurd] 78/98: trans/fakeroot: drop else, Samuel Thibault, 2014/01/13
- [hurd] 13/98: term: fix error handling in hurdio_mdmctl, Samuel Thibault, 2014/01/13
- [hurd] 08/98: proc: fix error handling in S_proc_exception_raise, Samuel Thibault, 2014/01/13
- [hurd] 07/98: proc: fix a use-after-free error,
Samuel Thibault <=
- [hurd] 18/98: libdiskfs: remove dead assignment, Samuel Thibault, 2014/01/13
- [hurd] 60/98: trans: fix the creation of files in fakeroot, Samuel Thibault, 2014/01/13
- [hurd] 69/98: trans: return nodes locked when creating fake nodes in fakeroot, Samuel Thibault, 2014/01/13
- [hurd] 20/98: ext2fs: fix error handling, Samuel Thibault, 2014/01/13
- [hurd] 21/98: libshouldbeinlibc: fix dead assignment, Samuel Thibault, 2014/01/13
- [hurd] 93/98: trans/mtab: make the translator multithreaded, Samuel Thibault, 2014/01/13
- [hurd] 05/98: proc: remove declaration of nested functions from proc.h, Samuel Thibault, 2014/01/13
- [hurd] 15/98: mach-defpager: include errno.h, Samuel Thibault, 2014/01/13
- [hurd] 91/98: trans/mtab: remove the loop detection logic, Samuel Thibault, 2014/01/13
- [hurd] 97/98: libnetfs: register passive translator startups, Samuel Thibault, 2014/01/13