project-base/server-skynet-source-3rd-jemalloc
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Fix possible NULL pointer dereference from mallctl("prof.prefix", ...)

Browse Source 
Static analysis flagged this issue. Here is a minimal program which
causes a segfault within Jemalloc:
```
#include <jemalloc/jemalloc.h>

const char *malloc_conf = "prof:true";

int main() {
  mallctl("prof.prefix", NULL, NULL, NULL, 0);
}
```

Fixed by checking if `prefix` is `NULL`.
This commit is contained in:
Kevin Svetlitski 2023-05-11 14:20:30 -07:00 committed by Qi Wang
parent d4a2b8bab1
commit 0288126d9c
1 changed files with 3 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
src/prof_sys.c
View File

@ -749,6 +749,9 @@ bool
prof_prefix_set(tsdn_t *tsdn, const char *prefix) { prof_prefix_set(tsdn_t *tsdn, const char *prefix) {
cassert(config_prof); cassert(config_prof);
ctl_mtx_assert_held(tsdn); ctl_mtx_assert_held(tsdn);
if (prefix == NULL) {
return true;
}
malloc_mutex_lock(tsdn, &prof_dump_filename_mtx); malloc_mutex_lock(tsdn, &prof_dump_filename_mtx);
if (prof_prefix == NULL) { if (prof_prefix == NULL) {
malloc_mutex_unlock(tsdn, &prof_dump_filename_mtx); malloc_mutex_unlock(tsdn, &prof_dump_filename_mtx);