Date: Mon, 30 Dec 2013 19:17:49 +0000 (UTC) From: David Wuertele <dave+gmane@...rtele.com> To: musl@...ts.openwall.com Subject: Re: NULL deref SEGV in malloc.c:unbin() I found the root cause of the SEGV, I was calling closedir() on the same dir pointer twice (quite some time before the SEGV). I assume that the behavior of closedir() is undefined when used this way, so my program now makes sure not to do that. But it seems a poor implementation that a double call to closedir should result in memory corruption, and it seems a bug in malloc() that a closedir/opendir sequence can cause it to SEGV. I tried to reduce my program to just this behavior so that I could give you a test case, but the SEGV did not occur with just the opendir/closedir sequence my program calls. Dave
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.