void-packages/srcpkgs/mbuffer/patches/0001-mbuffer-don-t-cancel-ReaderThr.patch
Érico Nogueira 6b27986d2a mbuffer: fix use-after-free.
Fixes segfault on musl when killed with SIGINT.
2021-03-15 22:56:19 -03:00

33 lines
1,013 B
Diff

Subject: [PATCH] mbuffer: don't cancel ReaderThr.
joinSenders is called after ReaderThr has been joined, which makes the
pthread_cancel call in cancelAll undefined behavior and a case of
use-after-free. Since the thread will already have been joined in main
by the time joinSenders is called, there is no need to cancel it, so
that call can simply be removed.
Furthermore, we don't have to account for situations where pthread_join
can fail, because this program doesn't generate them. If there were
other threads which tried to join readerThr at the same time, a
successful pthread_join call should also set Status=0, so pthread_cancel
isn't called. However, that isn't necessary.
---
mbuffer.c | 2 --
1 file changed, 2 deletions(-)
diff --git a/mbuffer.c b/mbuffer.c
index 79c997f..6e65277 100644
--- a/mbuffer.c
+++ b/mbuffer.c
@@ -166,8 +166,6 @@ static void cancelAll(void)
d->result = "canceled";
d = d->next;
} while (d);
- if (Status)
- (void) pthread_cancel(ReaderThr);
}
--
2.30.2