RFR: 8261299: Use-after-free on failure path in LinuxPackage.c, getJvmLauncherLibPath

Aleksey Shipilev shade at openjdk.java.net
Tue Feb 9 09:04:30 UTC 2021


On Mon, 8 Feb 2021 10:34:06 GMT, Thomas Stuefe <stuefe at openjdk.org> wrote:

>> SonarCloud instance reports a new warning after JDK-8254702:
>>  "Use of memory after it is freed"
>> 
>> char* getJvmLauncherLibPath(void) {
>>        ...
>>         popenStatus = popenCommand(pkgQueryCmd, pkg->name, findLauncherLib,
>>                                                         &launcherLibPath);
>>         if (popenStatus) {
>>             free(launcherLibPath); <---- frees here
>>             goto cleanup;
>>         }
>>     }
>> 
>> cleanup:
>>     free(modulePath);
>>     freePackageDesc(pkg);
>> 
>>     return launcherLibPath; <--- here
>> }
>> 
>> We need to null it out before returning.
>> 
>> Additional testing:
>>  - [x] Linux x86_64 (Ubuntu) `tools/jpackage`
>
> Marked as reviewed by stuefe (Reviewer).

jpackage reviewers, please? @andyherrick?

-------------

PR: https://git.openjdk.java.net/jdk/pull/2453


More information about the core-libs-dev mailing list