RFR: 8261299: Use-after-free on failure path in LinuxPackage.c, getJvmLauncherLibPath
Andy Herrick
herrick at openjdk.java.net
Tue Feb 9 16:01:43 UTC 2021
On Mon, 8 Feb 2021 09:05:23 GMT, Aleksey Shipilev <shade at openjdk.org> wrote:
> SonarCloud instance reports a new warning after JDK-8254702:
> "Use of memory after it is freed"
>
> char* getJvmLauncherLibPath(void) {
> ...
> popenStatus = popenCommand(pkgQueryCmd, pkg->name, findLauncherLib,
> &launcherLibPath);
> if (popenStatus) {
> free(launcherLibPath); <---- frees here
> goto cleanup;
> }
> }
>
> cleanup:
> free(modulePath);
> freePackageDesc(pkg);
>
> return launcherLibPath; <--- here
> }
>
> We need to null it out before returning.
>
> Additional testing:
> - [x] Linux x86_64 (Ubuntu) `tools/jpackage`
Marked as reviewed by herrick (Reviewer).
-------------
PR: https://git.openjdk.java.net/jdk/pull/2453
More information about the core-libs-dev
mailing list