projects / musl / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 589aefa)
env: avoid leaving dangling pointers in __env_map
authorAlexander Monakov <amonakov@ispras.ru>
Sun, 6 Mar 2016 17:22:38 +0000 (20:22 +0300)
committerRich Felker <dalias@aerifal.cx>
Sun, 6 Mar 2016 18:33:52 +0000 (13:33 -0500)
This is the minimal fix for __putenv leaving a pointer to freed heap
storage in __env_map array, which could later on lead to errors such
as double-free.

src/env/putenv.c patch | blob | history

diff --git a/src/env/putenv.c b/src/env/putenv.c
index 4042869..7153042 100644 (file)
--- a/src/env/putenv.c
+++ b/src/env/putenv.c
@@ -30,6 +30,7 @@ int __putenv(char *s, int a)
                                }
                        } else {
                                free(__env_map[j]);
+                               __env_map[j] = s;
                        }
                }
        }
musl