[src/trunk]: src/lib/libc/stdlib Be slightly more careful about freeing memor...

To: source-changes-hg%NetBSD.org@localhost
Subject: [src/trunk]: src/lib/libc/stdlib Be slightly more careful about freeing memor...
From: tron <tron%NetBSD.org@localhost>
Date: Mon, 06 Apr 2020 19:23:37 +0000

details:   https://anonhg.NetBSD.org/src/rev/324d0f150bd4
branches:  trunk
changeset: 757870:324d0f150bd4
user:      tron <tron%NetBSD.org@localhost>
date:      Thu Sep 30 12:41:33 2010 +0000

description:
Be slightly more careful about freeing memory allocated for environment
variables: only free memory if the current value points to the same
memory area as the allocated block. This will prevent crashes if an
application changes the order of the environment array.

Unfortunately this is still not enough to stop zsh 4.2.* from crashing.
zsh 4.3.* works fine before and after this change.

diffstat:

 lib/libc/stdlib/setenv.c   |  11 ++++++-----
 lib/libc/stdlib/unsetenv.c |   7 ++++---
 2 files changed, 10 insertions(+), 8 deletions(-)

diffs (65 lines):

diff -r 4b76bcabdfdd -r 324d0f150bd4 lib/libc/stdlib/setenv.c
--- a/lib/libc/stdlib/setenv.c  Thu Sep 30 09:11:18 2010 +0000
+++ b/lib/libc/stdlib/setenv.c  Thu Sep 30 12:41:33 2010 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: setenv.c,v 1.37 2010/09/25 19:10:37 tron Exp $ */
+/*     $NetBSD: setenv.c,v 1.38 2010/09/30 12:41:33 tron Exp $ */
 
 /*
  * Copyright (c) 1987, 1993
@@ -34,7 +34,7 @@
 #if 0
 static char sccsid[] = "@(#)setenv.c   8.1 (Berkeley) 6/4/93";
 #else
-__RCSID("$NetBSD: setenv.c,v 1.37 2010/09/25 19:10:37 tron Exp $");
+__RCSID("$NetBSD: setenv.c,v 1.38 2010/09/30 12:41:33 tron Exp $");
 #endif
 #endif /* LIBC_SCCS and not lint */
 
@@ -112,14 +112,15 @@
        if ((c = malloc(size + l_value + 2)) == NULL)
                goto bad;
 
+       if (environ[offset] == __environ_malloced[offset])
+               free(__environ_malloced[offset]);
+
        environ[offset] = c;
+       __environ_malloced[offset] = c;
        (void)memcpy(c, name, size);
        c += size;
        *c++ = '=';
 
-       free(__environ_malloced[offset]);
-       __environ_malloced[offset] = environ[offset];
-
 copy:
        (void)memcpy(c, value, l_value + 1);
 good:
diff -r 4b76bcabdfdd -r 324d0f150bd4 lib/libc/stdlib/unsetenv.c
--- a/lib/libc/stdlib/unsetenv.c        Thu Sep 30 09:11:18 2010 +0000
+++ b/lib/libc/stdlib/unsetenv.c        Thu Sep 30 12:41:33 2010 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: unsetenv.c,v 1.8 2010/09/29 00:40:17 enami Exp $       */
+/*     $NetBSD: unsetenv.c,v 1.9 2010/09/30 12:41:33 tron Exp $        */
 
 /*
  * Copyright (c) 1987, 1993
@@ -34,7 +34,7 @@
 #if 0
 static char sccsid[] = "from: @(#)setenv.c     8.1 (Berkeley) 6/4/93";
 #else
-__RCSID("$NetBSD: unsetenv.c,v 1.8 2010/09/29 00:40:17 enami Exp $");
+__RCSID("$NetBSD: unsetenv.c,v 1.9 2010/09/30 12:41:33 tron Exp $");
 #endif
 #endif /* LIBC_SCCS and not lint */
 
@@ -73,7 +73,8 @@
        }
 
        while (__findenv(name, &offset) != NULL) { /* if set multiple times */
-               free(__environ_malloced[offset]);
+               if (environ[offset] == __environ_malloced[offset])
+                       free(__environ_malloced[offset]);
 
                while (environ[offset] != NULL) {
                        environ[offset] = environ[offset + 1];

Prev by Date: [src/trunk]: src/sys/dev/pci use the drawing engine to draw characters so we ...
Next by Date: [src/trunk]: src/distrib/sets/lists/tests Cleanup, sort entries and remove so...
Previous by Thread: [src/trunk]: src/sys/dev/pci use the drawing engine to draw characters so we ...
Next by Thread: [src/trunk]: src/distrib/sets/lists/tests Cleanup, sort entries and remove so...
Indexes:

Home | Main Index | Thread Index | Old Index