external/cde
1
0
Fork 0
mirror of git://git.code.sf.net/p/cdesktopenv/code synced 2025-03-09 15:50:02 +00:00
Code Issues Releases Wiki Activity

trap: fix use after free (#446)

Browse source 
This commit adds a fix for the trap command, backported from a fork
of ksh2020: 2033375f

src/cmd/ksh93/sh/jobs.c: job_chldtrap():
- Fixed a use after free bug in the for loop. The string pointed to
  by sh.st.trapcom[SIGCHLD] may be freed from memory after
  sh_trap(), so it must be reobtained each time sh_trap() is called
  from within the for loop.
This commit is contained in:
Johnothan King 2022-02-04 18:29:23 -08:00 committed by Martijn Dekker
parent 8e72608c1c
commit fb696ecfae
4 changed files with 14 additions and 5 deletions
Download patch file Download diff file Expand all files Collapse all files

4
src/cmd/ksh93/sh/fault.c
View file

@ -350,6 +350,8 @@ void sh_sigreset(register int mode)
}
}
if(sh.st.trapcom[0] && sh.st.trapcom[0] != Empty)
free(sh.st.trapcom[0]);
sh.st.trapcom[0] = 0;
if(mode)
sh.st.trapmax = 0;
@ -411,7 +413,7 @@ void sh_chktrap(void)
sh_timetraps();
#if SHOPT_BGX
if((sh.sigflag[SIGCHLD]&SH_SIGTRAP) && sh.st.trapcom[SIGCHLD])
job_chldtrap(sh.st.trapcom[SIGCHLD],1);
job_chldtrap(1);
#endif /* SHOPT_BGX */
while(--sig>=0)
{