Integrated: 8261299: Use-after-free on failure path in LinuxPackage.c, getJvmLauncherLibPath

Aleksey Shipilev shade at openjdk.java.net
Tue Feb 9 17:49:40 UTC 2021


On Mon, 8 Feb 2021 09:05:23 GMT, Aleksey Shipilev <shade at openjdk.org> wrote:

> SonarCloud instance reports a new warning after JDK-8254702:
>  "Use of memory after it is freed"
> 
> char* getJvmLauncherLibPath(void) {
>        ...
>         popenStatus = popenCommand(pkgQueryCmd, pkg->name, findLauncherLib,
>                                                         &launcherLibPath);
>         if (popenStatus) {
>             free(launcherLibPath); <---- frees here
>             goto cleanup;
>         }
>     }
> 
> cleanup:
>     free(modulePath);
>     freePackageDesc(pkg);
> 
>     return launcherLibPath; <--- here
> }
> 
> We need to null it out before returning.
> 
> Additional testing:
>  - [x] Linux x86_64 (Ubuntu) `tools/jpackage`

This pull request has now been integrated.

Changeset: 01d92808
Author:    Aleksey Shipilev <shade at openjdk.org>
URL:       https://git.openjdk.java.net/jdk/commit/01d92808
Stats:     1 line in 1 file changed: 1 ins; 0 del; 0 mod

8261299: Use-after-free on failure path in LinuxPackage.c, getJvmLauncherLibPath

Reviewed-by: stuefe, herrick

-------------

PR: https://git.openjdk.java.net/jdk/pull/2453


More information about the core-libs-dev mailing list