diff options
Diffstat (limited to 'main/musl/0008-fix-use-of-uninitialized-pointer-in-gettext-core.patch')
-rw-r--r-- | main/musl/0008-fix-use-of-uninitialized-pointer-in-gettext-core.patch | 50 |
1 files changed, 50 insertions, 0 deletions
diff --git a/main/musl/0008-fix-use-of-uninitialized-pointer-in-gettext-core.patch b/main/musl/0008-fix-use-of-uninitialized-pointer-in-gettext-core.patch new file mode 100644 index 0000000000..8e0f33d6ce --- /dev/null +++ b/main/musl/0008-fix-use-of-uninitialized-pointer-in-gettext-core.patch @@ -0,0 +1,50 @@ +From dbbb3734d8c0176feabd6c46e2e85bbc3b8a60af Mon Sep 17 00:00:00 2001 +From: Rich Felker <dalias@aerifal.cx> +Date: Sun, 29 Jan 2017 11:14:00 -0500 +Subject: [PATCH] fix use of uninitialized pointer in gettext core + +the plural_rule field of allocated msgcat structures was assumed to be +initially-null but was never initialized. for future-proofing, the +nplurals field which was left uninitialized should also be cleared. + +likewise, in the binding structure, the active field could be used +uninitialized by a technicality: the a_store which stores the initial +value of 0 may be implemented as a cas operation, which reads the old +value. + +rather than fixing these issues individually, just use calloc for both +allocations. this does result in wasteful clearing of name buffers (up +to NAME_MAX+PATH_MAX) before filling them, but since the size if +bounded and the time is dominated by filesystem operations, it really +doesn't matter; simplicity and future-proofing have more value here. + +modified from patch submitted by He X. +--- + src/locale/dcngettext.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/src/locale/dcngettext.c b/src/locale/dcngettext.c +index e48c50f0..73a9fd70 100644 +--- a/src/locale/dcngettext.c ++++ b/src/locale/dcngettext.c +@@ -57,7 +57,7 @@ char *bindtextdomain(const char *domainname, const char *dirname) + } + + if (!p) { +- p = malloc(sizeof *p + domlen + dirlen + 2); ++ p = calloc(sizeof *p + domlen + dirlen + 2, 1); + if (!p) { + UNLOCK(lock); + return 0; +@@ -171,7 +171,7 @@ notrans: + size_t map_size; + const void *map = __map_file(name, &map_size); + if (!map) goto notrans; +- p = malloc(sizeof *p + namelen + 1); ++ p = calloc(sizeof *p + namelen + 1, 1); + if (!p) { + __munmap((void *)map, map_size); + goto notrans; +-- +2.11.1 + |