forked from rpms/glibc
Hotfix for invalid Systemtap probe in pthread_join (#1674280)
This commit is contained in:
parent
8e6306e004
commit
b82e3b3f85
26
glibc-rh1674280.patch
Normal file
26
glibc-rh1674280.patch
Normal file
@ -0,0 +1,26 @@
|
||||
Fix a user-after-free bug in the Systemtap probe in
|
||||
__pthread_timedjoin_ex:
|
||||
|
||||
/* Free the TCB. */
|
||||
__free_tcb (pd);
|
||||
}
|
||||
else
|
||||
pd->joinid = NULL;
|
||||
|
||||
LIBC_PROBE (pthread_join_ret, 3, threadid, result, pd->result);
|
||||
|
||||
__free_tcb has freed the stack, the access pd->result is invalid.
|
||||
|
||||
diff --git a/nptl/pthread_join_common.c b/nptl/pthread_join_common.c
|
||||
index ecb78ffba5861bdc..45deba6a74c5efd2 100644
|
||||
--- a/nptl/pthread_join_common.c
|
||||
+++ b/nptl/pthread_join_common.c
|
||||
@@ -101,7 +101,7 @@ __pthread_timedjoin_ex (pthread_t threadid, void **thread_return,
|
||||
else
|
||||
pd->joinid = NULL;
|
||||
|
||||
- LIBC_PROBE (pthread_join_ret, 3, threadid, result, pd->result);
|
||||
+ LIBC_PROBE (pthread_join_ret, 3, threadid, result, result);
|
||||
|
||||
return result;
|
||||
}
|
@ -87,7 +87,7 @@
|
||||
Summary: The GNU libc libraries
|
||||
Name: glibc
|
||||
Version: %{glibcversion}
|
||||
Release: 6%{?dist}
|
||||
Release: 7%{?dist}
|
||||
|
||||
# In general, GPLv2+ is used by programs, LGPLv2+ is used for
|
||||
# libraries.
|
||||
@ -158,6 +158,7 @@ Patch18: glibc-c-utf8-locale.patch
|
||||
Patch23: glibc-python3.patch
|
||||
Patch28: glibc-rh1615608.patch
|
||||
Patch29: glibc-rh1670028.patch
|
||||
Patch99: glibc-rh1674280.patch
|
||||
|
||||
##############################################################################
|
||||
# Continued list of core "glibc" package information:
|
||||
@ -1889,6 +1890,9 @@ fi
|
||||
%files -f compat-libpthread-nonshared.filelist -n compat-libpthread-nonshared
|
||||
|
||||
%changelog
|
||||
* Mon Feb 11 2019 Florian Weimer <fweimer@redhat.com> - 2.29-7
|
||||
- Hotfix for invalid Systemtap probe in pthread_join (#1674280)
|
||||
|
||||
* Mon Feb 11 2019 Florian Weimer <fweimer@redhat.com> - 2.29-6
|
||||
- Remove LRA bug on POWER workaround, fixed in gcc-9.0.1-0.4.fc30 (#1673018)
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user