romenskiy2012/jemalloc
1
0
Fork 0
mirror of https://github.com/jemalloc/jemalloc.git synced 2026-04-14 22:51:50 +03:00
Code Issues Projects Releases Packages Wiki Activity

Fix possible NULL pointer dereference from mallctl("prof.prefix", ...)

Browse source 
Static analysis flagged this issue. Here is a minimal program which
causes a segfault within Jemalloc:
```
#include <jemalloc/jemalloc.h>

const char *malloc_conf = "prof:true";

int main() {
  mallctl("prof.prefix", NULL, NULL, NULL, 0);
}
```

Fixed by checking if `prefix` is `NULL`.
This commit is contained in:
Kevin Svetlitski 2023-05-11 14:20:30 -07:00 committed by Qi Wang
parent d4a2b8bab1
commit 0288126d9c
1 changed files with 3 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

3
src/prof_sys.c
View file

@ -749,6 +749,9 @@ bool
prof_prefix_set(tsdn_t *tsdn, const char *prefix) {
cassert(config_prof);
ctl_mtx_assert_held(tsdn);
if (prefix == NULL) {
return true;
}
malloc_mutex_lock(tsdn, &prof_dump_filename_mtx);
if (prof_prefix == NULL) {
malloc_mutex_unlock(tsdn, &prof_dump_filename_mtx);