[git] GnuPG - branch, master, updated. gnupg-2.1.18-17-ge175152

by Justus Winter cvs at cvs.gnupg.org
Wed Jan 25 13:56:57 CET 2017 

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "The GNU Privacy Guard".

The branch, master has been updated
       via  e175152ef7515921635bf1e00383e812668d13fc (commit)
      from  5f2da5d439debf44615a97de788d8f720b517972 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit e175152ef7515921635bf1e00383e812668d13fc
Author: Justus Winter <justus at g10code.com>
Date:   Wed Jan 25 13:51:57 2017 +0100

    agent: Fix double free.
    
    * agent/cache.c (agent_store_cache_hit): Make sure the update is
    atomic.
    --
    Previously, the function freed the last key, and duplicated the new
    key after doing that.  There is a chance, however, that calling the
    allocator surrenders control to a different thread, causing a double
    free if a different thread also calls this function.
    
    To make sure the update is atomic under the non-preemptive thread
    model, we must make sure not to surrender control to a different
    thread.  Therefore, we avoid calling the allocator during the
    update.
    
    Signed-off-by: Justus Winter <justus at g10code.com>

diff --git a/agent/cache.c b/agent/cache.c
index f58eaea..2483682 100644
--- a/agent/cache.c
+++ b/agent/cache.c
@@ -475,6 +475,19 @@ agent_get_cache (const char *key, cache_mode_t cache_mode)
 void
 agent_store_cache_hit (const char *key)
 {
-  xfree (last_stored_cache_key);
-  last_stored_cache_key = key? xtrystrdup (key) : NULL;
+  char *new;
+  char *old;
+
+  /* To make sure the update is atomic under the non-preemptive thread
+   * model, we must make sure not to surrender control to a different
+   * thread.  Therefore, we avoid calling the allocator during the
+   * update.  */
+  new = key ? xtrystrdup (key) : NULL;
+
+  /* Atomic update.  */
+  old = last_stored_cache_key;
+  last_stored_cache_key = new;
+  /* Done.  */
+
+  xfree (old);
 }

-----------------------------------------------------------------------

Summary of changes:
 agent/cache.c | 17 +++++++++++++++--
 1 file changed, 15 insertions(+), 2 deletions(-)


hooks/post-receive
-- 
The GNU Privacy Guard
http://git.gnupg.org

More information about the Gnupg-commits mailing list