libltdl memory corruption
From: Andreas Schwab
Subject: libltdl memory corruption
Date: Mon, 03 Mar 2008 15:39:47 +0100
User-agent: Gnus/5.110006 (No Gnus v0.6) Emacs/22.1 (gnu/linux)

libltdl uses memory after free when initialized twice.

$ cat ltdl.c
#include <ltdl.h>
int
main ()
{
  lt_dlinit ();
  lt_dlexit ();
  lt_dlinit ();
  lt_dlexit ();
}
$ gcc ltdl.c -o ltdl -lltdl
$ MALLOC_CHECK_=2 ./ltdl
Segmentation fault

The bug is that preopen_LTX_get_vtable returns a pointer to memory that
has already been freed by lt_dlexit.

Andreas.

--
Andreas Schwab, SuSE Labs, address@hidden
SuSE Linux Products GmbH, Maxfeldstraße 5, 90409 Nürnberg, Germany
PGP key fingerprint = 58CA 54C7 6D53 942B 1756 01D3 44D5 214B 8276 4ED5
"And now for something completely different."
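
Added example, not part of the original message and not libltdl source: a small C model of the init/exit/init sequence reported above, showing a teardown that frees a vtable but leaves a cached pointer to it beside one that also clears the pointer. The lazily cached static pointer is an assumption about how such a bug typically arises, and all names (get_vtable, exit_buggy, exit_fixed, the slot pool) are hypothetical.

```c
#include <stddef.h>

/* Constructed model, not libltdl source: a loader vtable whose storage is
   owned by the library and released at exit.  A slot pool with a 'live'
   flag stands in for malloc/free so a stale pointer can be detected
   without reading freed memory. */
struct vtable { int live; const char *name; };

static struct vtable pool[4];
static size_t pool_next;

static struct vtable *vt_alloc(const char *name)
{
    struct vtable *vt = &pool[pool_next++ % 4];
    vt->live = 1;
    vt->name = name;
    return vt;
}

static void vt_free(struct vtable *vt) { vt->live = 0; }

/* Cached pointer with static lifetime: it outlives every init/exit cycle. */
static struct vtable *cached;

/* Allocates on first call, then keeps returning the cached pointer. */
struct vtable *get_vtable(void)
{
    if (!cached)
        cached = vt_alloc("preopen");
    return cached;
}

/* Buggy teardown: releases the storage but leaves 'cached' dangling. */
void exit_buggy(void) { if (cached) vt_free(cached); }

/* Fixed teardown: releases and clears, so the next init reallocates. */
void exit_fixed(void) { if (cached) { vt_free(cached); cached = NULL; } }

/* Runs init, exit, init and reports whether the second init got live storage. */
int second_init_is_live(void (*teardown)(void))
{
    cached = NULL;                 /* fresh process state */
    get_vtable();                  /* first init */
    teardown();                    /* first exit */
    return get_vtable()->live;     /* second init: 0 means stale pointer */
}

int main(void) { return !(second_init_is_live(exit_buggy) == 0 && second_init_is_live(exit_fixed) == 1); }
```

In the buggy variant a second teardown would also release the same storage twice, which is the kind of error MALLOC_CHECK_=2 aborts on.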