Re: lib/58136 (Use after free in libintl pgettext)

To: lib-bug-people%netbsd.org@localhost,gnats-admin%netbsd.org@localhost,netbsd-bugs%netbsd.org@localhost,stix%stix.id.au@localhost
Subject: Re: lib/58136 (Use after free in libintl pgettext)
From: gnats-admin%netbsd.org@localhost
Date: Mon, 19 Aug 2024 11:50:02 +0000 (UTC)

The following reply was made to PR lib/58136; it has been noted by GNATS.

From: Paul Ripke <stix%stix.id.au@localhost>
To: gnats-bugs%netbsd.org@localhost
Cc: 
Subject: Re: lib/58136 (Use after free in libintl pgettext)
Date: Mon, 19 Aug 2024 21:45:04 +1000

 From my reading of C's behaviour, dereferencing a freed pointer is undefined
 behaviour, obviously. But using the pointer value should not be? Indeed, when
 compiled with clang/llvm, your code results in only one call to free.

 Agreed on the missing test, though. This code is old and crufty, does it have
 any coverage at all? I didn't see any after a brief look.

 -- 
 Paul Ripke
 "Great minds discuss ideas, average minds discuss events, small minds
  discuss people."
 -- Disputed: Often attributed to Eleanor Roosevelt. 1948.

Follow-Ups:
- Re: lib/58136 (Use after free in libintl pgettext)
  - From: Rob Whitlock

Prev by Date: PR/58596 CVS commit: src/sys/net
Next by Date: lib/58618: mbrtocN(3) fails to keep shift state
Previous by Thread: Re: lib/58136 (Use after free in libintl pgettext)
Next by Thread: Re: lib/58136 (Use after free in libintl pgettext)
Indexes:

Home | Main Index | Thread Index | Old Index