RFR: 8261299: Use-after-free on failure path in LinuxPackage.c, getJvmLauncherLibPath
Aleksey Shipilev
shade at openjdk.java.net
Mon Feb 8 09:11:55 UTC 2021
SonarCloud instance reports a new warning after JDK-8254702:
"Use of memory after it is freed"
char* getJvmLauncherLibPath(void) {
...
popenStatus = popenCommand(pkgQueryCmd, pkg->name, findLauncherLib,
&launcherLibPath);
if (popenStatus) {
free(launcherLibPath); <---- frees here
goto cleanup;
}
}
cleanup:
free(modulePath);
freePackageDesc(pkg);
return launcherLibPath; <--- here
}
We need to null it out before returning.
Additional testing:
- [x] Linux x86_64 (Ubuntu) `tools/jpackage`
-------------
Commit messages:
- Null it out
Changes: https://git.openjdk.java.net/jdk/pull/2453/files
Webrev: https://webrevs.openjdk.java.net/?repo=jdk&pr=2453&range=00
Issue: https://bugs.openjdk.java.net/browse/JDK-8261299
Stats: 1 line in 1 file changed: 1 ins; 0 del; 0 mod
Patch: https://git.openjdk.java.net/jdk/pull/2453.diff
Fetch: git fetch https://git.openjdk.java.net/jdk pull/2453/head:pull/2453
PR: https://git.openjdk.java.net/jdk/pull/2453
More information about the core-libs-dev
mailing list