[PATCH] Cygwin: fhandler_base: Fix double free caused when open() fails.

public inbox for cygwin-patches@cygwin.com
 help / color / mirror / Atom feed

* [PATCH] Cygwin: fhandler_base: Fix double free caused when open() fails.
@ 2022-01-17 23:05 Takashi Yano
  2022-01-18 11:05 ` Corinna Vinschen
  0 siblings, 1 reply; 2+ messages in thread
From: Takashi Yano @ 2022-01-17 23:05 UTC (permalink / raw)
  To: cygwin-patches

- When open fails, archetype stored in archetypes[] is not cleared.
  This causes double free when next open fail. This patch fixes the
  issue.

Addresses:
  https://cygwin.com/pipermail/cygwin/2022-January/250518.html
---
 winsup/cygwin/fhandler.cc   | 4 ++--
 winsup/cygwin/release/3.3.4 | 3 +++
 2 files changed, 5 insertions(+), 2 deletions(-)

diff --git a/winsup/cygwin/fhandler.cc b/winsup/cygwin/fhandler.cc
index fc7c0422e..7d427135e 100644
--- a/winsup/cygwin/fhandler.cc
+++ b/winsup/cygwin/fhandler.cc
@@ -440,8 +440,8 @@ fhandler_base::open_with_arch (int flags, mode_t mode)
   if (!(res = (archetype && archetype->io_handle)
 	|| open (flags, mode & 07777)))
     {
-      if (archetype)
-	delete archetype;
+      if (archetype && archetype->usecount == 0)
+	cygheap->fdtab.delete_archetype (archetype);
     }
   else if (archetype)
     {
diff --git a/winsup/cygwin/release/3.3.4 b/winsup/cygwin/release/3.3.4
index 7c37a575c..71f8dc888 100644
--- a/winsup/cygwin/release/3.3.4
+++ b/winsup/cygwin/release/3.3.4
@@ -23,3 +23,6 @@ Bug Fixes
 
 - Fix an "Invalid argument" problem in posix_spawn on i686.
   Addresses: https://cygwin.com/pipermail/cygwin/2022-January/250453.html
+
+- Fix double free for archetype, which is caused when open() fails.
+  Addresses: https://cygwin.com/pipermail/cygwin/2022-January/250518.html
-- 
2.34.1


^ permalink raw reply	[flat|nested] 2+ messages in thread

* Re: [PATCH] Cygwin: fhandler_base: Fix double free caused when open() fails.
  2022-01-17 23:05 [PATCH] Cygwin: fhandler_base: Fix double free caused when open() fails Takashi Yano
@ 2022-01-18 11:05 ` Corinna Vinschen
  0 siblings, 0 replies; 2+ messages in thread
From: Corinna Vinschen @ 2022-01-18 11:05 UTC (permalink / raw)
  To: cygwin-patches

On Jan 18 08:05, Takashi Yano wrote:
> - When open fails, archetype stored in archetypes[] is not cleared.
>   This causes double free when next open fail. This patch fixes the
>   issue.
> 
> Addresses:
>   https://cygwin.com/pipermail/cygwin/2022-January/250518.html
> ---
>  winsup/cygwin/fhandler.cc   | 4 ++--
>  winsup/cygwin/release/3.3.4 | 3 +++
>  2 files changed, 5 insertions(+), 2 deletions(-)

Yup, please push.

Thanks,
corinna

^ permalink raw reply	[flat|nested] 2+ messages in thread

end of thread, other threads:[~2022-01-18 11:05 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2022-01-17 23:05 [PATCH] Cygwin: fhandler_base: Fix double free caused when open() fails Takashi Yano
2022-01-18 11:05 ` Corinna Vinschen

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).