fix linked list corruption in flockfile lists

commit 5345c9b884 added a linked list to
track the FILE streams currently locked (via flockfile) by a thread.
due to a failure to fully link newly added members, removal from the
list could leave behind references which could later result in writes
to already-freed memory and possibly other memory corruption.

implicit stdio locking was unaffected; the list is only used in
conjunction with explicit flockfile locking.

this bug was not present in any releases; it was introduced and fixed
during the same release cycle.

patch by Timo Teräs, who discovered and tracked down the bug.
Rich Felker 2014-09-19 12:28:45 -04:00
parent 18daae3135
commit 3e936ce81b
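
The failure mode the commit message describes, as an added example that is not part of the commit or of the project's code. The stand-in types, the `link_back` switch and the removal routine are assumptions; the removal is written as a conventional doubly linked unlink.

```c
/* Minimal stand-ins (assumed for this example) for FILE and the thread struct. */
struct stream { struct stream *prev_locked, *next_locked; };
struct thread { struct stream *stdio_locks; };

/* Insert at head, as in the ftrylockfile hunk; link_back selects whether
 * the old head's prev_locked is updated (the behaviour the fix adds). */
static void list_push(struct thread *self, struct stream *f, int link_back)
{
	f->prev_locked = 0;
	f->next_locked = self->stdio_locks;
	if (link_back && f->next_locked) f->next_locked->prev_locked = f;
	self->stdio_locks = f;
}

/* Conventional doubly linked unlink (assumed removal logic). */
static void list_remove(struct thread *self, struct stream *f)
{
	if (f->next_locked) f->next_locked->prev_locked = f->prev_locked;
	if (f->prev_locked) f->prev_locked->next_locked = f->next_locked;
	else self->stdio_locks = f->next_locked;
}

/* Lock a, then b, then unlock a. Returns a bitmask:
 * bit 0: b still points at the removed a (stale reference);
 * bit 1: b, still locked, has dropped off the thread's list. */
int dangling_after_unlock(int link_back)
{
	struct thread self = {0};
	struct stream a = {0}, b = {0};

	list_push(&self, &a, link_back);
	list_push(&self, &b, link_back);
	list_remove(&self, &a);

	return (b.next_locked == &a) | ((self.stdio_locks != &b) << 1);
}

int main(void)
{
	/* Exit status 0 when the unlinked insert shows both faults and the linked one none. */
	return !(dangling_after_unlock(0) == 3 && dangling_after_unlock(1) == 0);
}
```

Under the assumed removal logic, once `a` is closed and freed, a later unlock of `b` would write through the stale `b.next_locked` into the freed stream.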


@ -34,6 +34,7 @@ int ftrylockfile(FILE *f)
f->lockcount = 1;
f->prev_locked = 0;
f->next_locked = self->stdio_locks;
if (f->next_locked) f->next_locked->prev_locked = f;
self->stdio_locks = f;
return 0;
}
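
Review bot: the added `if (f->next_locked) f->next_locked->prev_locked = f;` line restores the back link, but nothing in this hunk documents the list invariant it depends on. A one-line comment above the insertion (the head has `prev_locked == 0`, and each node's `next_locked->prev_locked` points back at it) would make it harder for a later edit to the insert or removal path to drop one half of the link again. Since the message says the missing link could lead to writes to already-freed memory, a regression test that locks two streams with flockfile, unlocks and closes the first-locked one, then unlocks the other would be worth adding with this fix.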