This is the mail archive of the libc-alpha@sourceware.org mailing list for the glibc project.
Re: [PATCH] iconv_open: Fix heap corruption on gconv_init failure [BZ #22026]
On Aug 29 2017, Florian Weimer <fweimer@redhat.com> wrote:
> diff --git a/iconv/gconv_db.c b/iconv/gconv_db.c
> index 7a95aeaeac..1f8293672e 100644
> --- a/iconv/gconv_db.c
> +++ b/iconv/gconv_db.c
> @@ -318,9 +318,13 @@ gen_steps (struct derivation_step *best, const char *toset,
> if (__builtin_expect (status, __GCONV_OK) != __GCONV_OK)
> {
> failed = 1;
> - /* Make sure we unload this modules. */
> - --step_cnt;
> + /* Do not call the end function because the init
> + function has failed. */
> result[step_cnt].__end_fct = NULL;
> +# ifdef PTR_MANGLE
> + PTR_MANGLE (result[step_cnt].__end_fct);
> +# endif
> + --step_cnt;
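Review bot: the final `--step_cnt;` in the failure branch has lost its explanation, and the fix now depends on where it sits. `result[step_cnt].__end_fct = NULL;` has to run before the decrement so that it clears the entry of the step whose init function failed; in the removed ordering the decrement came first, so the store hit the entry one index lower. Keep a comment on the decrement (the removed one, with "this modules" corrected) and note there that it must stay after the store. On the `PTR_MANGLE` lines, the hunk does not show the code that later reads `__end_fct`. It is worth confirming that this reader demangles the pointer before testing it against NULL, since with `PTR_MANGLE` defined the stored value may no longer compare equal to NULL.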
Please keep the comment (with a spelling fix).
Ok with that change.
Andreas.
--
Andreas Schwab, SUSE Labs, schwab@suse.de
GPG Key fingerprint = 0196 BAD8 1CE9 1970 F4BE 1748 E4D4 88E3 0EEA B9D7
"And now for something completely different."