Source-Changes-HG archive
[src/trunk]: src/lib/libpuffs fix crashes caused by using the results of getc...
details: https://anonhg.NetBSD.org/src/rev/9d8516ed49c8
branches: trunk
changeset: 771204:9d8516ed49c8
user: chs <chs%NetBSD.org@localhost>
date: Mon Nov 14 01:27:42 2011 +0000
description:
fix crashes caused by using the results of getcontext()
after the caller returns.
diffstat:
lib/libpuffs/puffs.c | 25 +++++++++++++++++++++++--
1 files changed, 23 insertions(+), 2 deletions(-)
diffs (49 lines):
diff -r a081cc9f9086 -r 9d8516ed49c8 lib/libpuffs/puffs.c
--- a/lib/libpuffs/puffs.c Mon Nov 14 00:12:37 2011 +0000
+++ b/lib/libpuffs/puffs.c Mon Nov 14 01:27:42 2011 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: puffs.c,v 1.116 2011/05/03 13:16:47 manu Exp $ */
+/* $NetBSD: puffs.c,v 1.117 2011/11/14 01:27:42 chs Exp $ */
/*
* Copyright (c) 2005, 2006, 2007 Antti Kantee. All Rights Reserved.
@@ -31,7 +31,7 @@
#include <sys/cdefs.h>
#if !defined(lint)
-__RCSID("$NetBSD: puffs.c,v 1.116 2011/05/03 13:16:47 manu Exp $");
+__RCSID("$NetBSD: puffs.c,v 1.117 2011/11/14 01:27:42 chs Exp $");
#endif /* !lint */
#include <sys/param.h>
@@ -993,9 +993,30 @@
if (puffs__cc_create(pu, puffs__theloop, &pcc) == -1) {
goto out;
}
+
+#if 0
if (puffs__cc_savemain(pu) == -1) {
goto out;
}
+#else
+ /*
+ * XXX
+ * puffs__cc_savemain() uses getcontext() and then returns.
+ * the caller (this function) may overwrite the stack frame
+ * of puffs__cc_savemain(), so when we call setcontext() later and
+ * return from puffs__cc_savemain() again, the return address or
+ * saved stack pointer can be garbage.
+ * avoid this by calling getcontext() directly here.
+ */
+ extern int puffs_fakecc;
+ if (!puffs_fakecc) {
+ PU_CLRSFLAG(pu, PU_MAINRESTORE);
+ if (getcontext(&pu->pu_mainctx) == -1) {
+ goto out;
+ }
+ }
+#endif
+
if ((pu->pu_state & PU_MAINRESTORE) == 0)
puffs_cc_continue(pcc);
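Review bot: the `#if 0` branch leaves the old puffs__cc_savemain() call behind as dead code, and `extern int puffs_fakecc;` is declared at block scope after statements inside the `#else` branch. Delete the disabled call rather than compiling it out, and take the puffs_fakecc declaration from a shared header so its type cannot drift from the definition. The XXX comment explains why the helper's frame was unsafe, but it should also say that the same lifetime rule now applies to this function: the context saved in pu->pu_mainctx is only safe to resume while this function's frame is still live, so nothing may call setcontext() on it after this function has returned.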