[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [patch] fix double free in fts_read
From: |
Jim Meyering |
Subject: |
Re: [patch] fix double free in fts_read |
Date: |
Tue, 30 Aug 2005 08:32:20 +0200 |
Thanks for taking the time to report that.
That bug was fixed upstream (slightly differently) by revision 1.21
of fts.c. Here's the log entry:
date: 2004-10-13 21:25:30 +0200; author: meyering; state: Exp; lines: +5
-4;
(fts_read): When about to fail (by returning NULL) due
to a failed fchdir or failed fts_safe_changedir call, set
`sp->fts_cur = p'. Do this by removing the explicit `return NULL;'
statements and setting p->fts_errno so execution falls through
to the common-case code below. Otherwise, after such a failure,
calling fts_close would attempt to free an already-freed buffer.
Reported by Luis Lopez Lopez in http://bugs.debian.org/276352.
There have been 24 deltas to fts.c since coreutils-5.2.1.
Mike Frysinger <address@hidden> wrote:
> find attached a patch by Martin Schlemmer to fix a double free in the fts_read
> function
>
> original bug report:
> http://bugs.gentoo.org/show_bug.cgi?id=87490
>
> explanation of issue:
> http://bugs.gentoo.org/show_bug.cgi?id=87490#c8
>
> patch (also attached):
> http://bugs.gentoo.org/attachment.cgi?id=65200