Source-Changes-HG archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

[src/netbsd-8]: src/lib/libutil Pull up following revision(s) (requested by k...



details:   https://anonhg.NetBSD.org/src/rev/5ae80b0a06b6
branches:  netbsd-8
changeset: 435113:5ae80b0a06b6
user:      martin <martin%NetBSD.org@localhost>
date:      Thu Jul 12 15:24:43 2018 +0000

description:
Pull up following revision(s) (requested by kamil in ticket #901):

        lib/libutil/pty.c: revision 1.32

Fix stack use after scope in libutil/pty

The pt variable's elements are used after the end of the pt scope.

A move of pt to outer scope fixes this.

Detected with MKSANITIZER/ASan with tmux(1), a forkpty(3) user.

diffstat:

 lib/libutil/pty.c |  6 +++---
 1 files changed, 3 insertions(+), 3 deletions(-)

diffs (34 lines):

diff -r 68291915fd02 -r 5ae80b0a06b6 lib/libutil/pty.c
--- a/lib/libutil/pty.c Thu Jul 12 15:18:45 2018 +0000
+++ b/lib/libutil/pty.c Thu Jul 12 15:24:43 2018 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: pty.c,v 1.31 2009/02/20 16:44:06 christos Exp $        */
+/*     $NetBSD: pty.c,v 1.31.38.1 2018/07/12 15:24:43 martin Exp $     */
 
 /*-
  * Copyright (c) 1990, 1993, 1994
@@ -34,7 +34,7 @@
 #if 0
 static char sccsid[] = "@(#)pty.c      8.3 (Berkeley) 5/16/94";
 #else
-__RCSID("$NetBSD: pty.c,v 1.31 2009/02/20 16:44:06 christos Exp $");
+__RCSID("$NetBSD: pty.c,v 1.31.38.1 2018/07/12 15:24:43 martin Exp $");
 #endif
 #endif /* LIBC_SCCS and not lint */
 
@@ -70,6 +70,7 @@
        mode_t mode;
        struct group grs, *grp;
        char grbuf[1024];
+       struct ptmget pt;
 
        _DIAGASSERT(amaster != NULL);
        _DIAGASSERT(aslave != NULL);
@@ -78,7 +79,6 @@
        /* winp may be NULL */
 
        if ((master = open("/dev/ptm", O_RDWR)) != -1) {
-               struct ptmget pt;
                if (ioctl(master, TIOCPTMGET, &pt) != -1) {
                        (void)close(master);
                        master = pt.cfd;



Home | Main Index | Thread Index | Old Index