RFR: JDK-8327986: ASAN reports use-after-free in DirectivesParserTest.empty_object_vm
Daniel Jeliński
djelinski at openjdk.org
Wed Mar 13 08:06:13 UTC 2024
On Tue, 12 Mar 2024 13:57:53 GMT, Thomas Stuefe <stuefe at openjdk.org> wrote:
> ASAN reports a use-after-free, because we feed the string we got from `setlocale` back to `setlocale`, but the libc owns this string, and the libc decided to free it in the meantime.
>
> According to POSIX, it should be valid to pass into setlocale output from setlocale.
>
> However, glibc seems to delete the old string when calling setlocale again:
>
> https://codebrowser.dev/glibc/glibc/locale/setlocale.c.html#198
>
> Best to make a copy, and pass in the copy to setlocale.
test/hotspot/gtest/compiler/test_directivesParser.cpp line 39:
> 37: // These tests require the "C" locale to correctly parse decimal values
> 38: DirectivesParserTest() : _locale(os::strdup(setlocale(LC_NUMERIC, nullptr), mtTest)) {
> 39: setlocale(LC_NUMERIC, "C");
Would it fix the issue if we did this instead?
Suggestion:
DirectivesParserTest() : _locale(setlocale(LC_NUMERIC, "C")) {
It seems to me that the string returned by setlocale is only valid until the next setlocale call, and currently we call setlocale twice in the constructor and save the result of the first call.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/18235#discussion_r1522707838
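As an added illustration (not code from the PR or from HotSpot), a small scope guard applying the copy-then-set approach the PR description recommends: it queries the current LC_NUMERIC name, duplicates it before switching to "C", and restores from the private copy. The class and function names are my own.

```cpp
#include <clocale>
#include <cstdlib>
#include <cstring>
#include <string>

// Scope guard for the "copy, then pass the copy back" approach: the pointer
// from setlocale() is owned by libc and may be freed by the next setlocale()
// call, so the current LC_NUMERIC name is duplicated before switching to "C".
class CNumericLocaleScope {
 public:
  CNumericLocaleScope() {
    const char* current = setlocale(LC_NUMERIC, nullptr);  // query only
    _saved = current ? strdup(current) : nullptr;  // our copy, not libc's buffer
    setlocale(LC_NUMERIC, "C");  // 'current' must not be used after this line
  }
  ~CNumericLocaleScope() {
    if (_saved != nullptr) {
      setlocale(LC_NUMERIC, _saved);  // restore from the copy we own
      free(_saved);
    }
  }
  CNumericLocaleScope(const CNumericLocaleScope&) = delete;
  CNumericLocaleScope& operator=(const CNumericLocaleScope&) = delete;
 private:
  char* _saved;
};

// Parses a decimal with '.' as the separator regardless of the caller's locale.
double parse_in_c_locale(const char* text) {
  CNumericLocaleScope scope;
  return strtod(text, nullptr);
}

// Switches LC_NUMERIC to 'name' (if libc knows it), runs a guarded scope and
// reports whether the original name came back after the scope ended.
bool scope_restores(const char* name) {
  if (setlocale(LC_NUMERIC, name) == nullptr) return false;  // not installed
  std::string before = setlocale(LC_NUMERIC, nullptr);
  { CNumericLocaleScope scope; }
  std::string after = setlocale(LC_NUMERIC, nullptr);
  return before == after;
}

// Per POSIX, setlocale() returns the name of the *new* locale when setting one,
// which is why the old name has to be queried (nullptr) and copied beforehand.
std::string name_returned_when_setting_c() {
  CNumericLocaleScope scope;  // restores the caller's locale on exit
  const char* r = setlocale(LC_NUMERIC, "C");
  return r ? std::string(r) : std::string();
}
```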