blob: 411e802fd1e486ce460e3a936c2c4162533cfc16 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
|
From 9543656cc32fda48fc463f332ee20e91eed2b768 Mon Sep 17 00:00:00 2001
From: Alexander Monakov <amonakov@ispras.ru>
Date: Sun, 6 Mar 2016 20:22:38 +0300
Subject: [PATCH] env: avoid leaving dangling pointers in __env_map
This is the minimal fix for __putenv leaving a pointer to freed heap
storage in __env_map array, which could later on lead to errors such
as double-free.
---
src/env/putenv.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/src/env/putenv.c b/src/env/putenv.c
index 4042869..7153042 100644
--- a/src/env/putenv.c
+++ b/src/env/putenv.c
@@ -30,6 +30,7 @@ int __putenv(char *s, int a)
}
} else {
free(__env_map[j]);
+ __env_map[j] = s;
}
}
}
--
2.7.2
|