libltdl memory corruption

bug-libtool

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

libltdl memory corruption

From:	Andreas Schwab
Subject:	libltdl memory corruption
Date:	Mon, 03 Mar 2008 15:39:47 +0100
User-agent:	Gnus/5.110006 (No Gnus v0.6) Emacs/22.1 (gnu/linux)

libltdl uses memory after free when initialized twice.

$ cat ltdl.c
#include <ltdl.h>

int
main ()
{
  lt_dlinit ();
  lt_dlexit ();
  lt_dlinit ();
  lt_dlexit ();
}
$ gcc ltdl.c -o ltdl -lltdl
$ MALLOC_CHECK_=2 ./ltdl 
Segmentation fault

The bug is that preopen_LTX_get_vtable returns a pointer to memory that
has already been freed by lt_dlexit.

Andreas.

-- 
Andreas Schwab, SuSE Labs, address@hidden
SuSE Linux Products GmbH, Maxfeldstraße 5, 90409 Nürnberg, Germany
PGP key fingerprint = 58CA 54C7 6D53 942B 1756  01D3 44D5 214B 8276 4ED5
"And now for something completely different."

[Prev in Thread]

Current Thread

[Next in Thread]

libltdl memory corruption, Andreas Schwab <=
- Re: libltdl memory corruption, Ralf Wildenhues, 2008/03/03
  - Re: libltdl memory corruption, Peter O'Gorman, 2008/03/03
  - Re: libltdl memory corruption, Peter O'Gorman, 2008/03/04
    - Re: libltdl memory corruption, Ralf Wildenhues, 2008/03/04

Prev by Date: Re: [libtool 2.2] testsuite: 34 failed
Next by Date: Re: [libtool 2.2] testsuite: 34 failed
Previous by thread: [libtool 2.2] testsuite: 40 41 42 44 45 46 48 49 50 51 52 53 failed
Next by thread: Re: libltdl memory corruption
Index(es):
- Date
- Thread