Code Review / openocd.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | review | tree
raw | patch | inline | side by side (parent: b07604c)
rtos/linux: fix use of memory after it is freed 71/5371/2
authorTomas Vanek <vanekt@fbl.cz>
Fri, 20 Dec 2019 22:35:12 +0000 (23:35 +0100)
committerTomas Vanek <vanekt@fbl.cz>
Sat, 7 Mar 2020 15:29:37 +0000 (15:29 +0000)
Discovered by clang static analyzer

Change-Id: I9f64a67f281b95562d8fd6e2ebb0ae3f79ae8039
Signed-off-by: Tomas Vanek <vanekt@fbl.cz>
Reviewed-on: http://openocd.zylin.com/5371
Tested-by: jenkins
Reviewed-by: Oleksij Rempel <linux@rempel-privat.de>
src/rtos/linux.c patch | blob | history

diff --git a/src/rtos/linux.c b/src/rtos/linux.c
index 74172b70a43c189b27d69cfe9e5e33f9c8cf72e0..9e59c41a52372843349ba238f83d7cdf3c2a88ad 100644 (file)
--- a/src/rtos/linux.c
+++ b/src/rtos/linux.c
@@ -621,17 +621,17 @@ struct threads *liste_del_task(struct threads *task_list, struct threads **t,
        struct threads *prev)
 {
        LOG_INFO("del task %" PRId64, (*t)->threadid);
-       prev->next = (*t)->next;
-
-       if (prev == task_list)
-               task_list = prev;
+       if (prev)
+               prev->next = (*t)->next;
+       else
+               task_list = (*t)->next;
 
        /*  free content of threads */
        if ((*t)->context)
                free((*t)->context);
 
        free(*t);
-       *t = prev;
+       *t = prev ? prev : task_list;
        return task_list;
 }
 
@@ -725,6 +725,7 @@ int linux_get_tasks(struct target *target, int context)
 
                /*  check that this thread is not one the current threads already
                 *  created */
+               uint32_t base_addr;
 #ifdef PID_CHECK
 
                if (!current_pid(linux_os, t->pid)) {
@@ -745,12 +746,13 @@ int linux_get_tasks(struct target *target, int context)
                                t->context =
                                        cpu_context_read(target, t->base_addr,
                                                &t->thread_info_addr);
+                       base_addr = next_task(target, t);
                } else {
                        /*LOG_INFO("thread %s is a current thread already created",t->name); */
+                       base_addr = next_task(target, t);
                        free(t);
                }
 
-               uint32_t base_addr = next_task(target, t);
                t = calloc(1, sizeof(struct threads));
                t->base_addr = base_addr;
        }
@@ -1178,7 +1180,7 @@ int linux_gdb_T_packet(struct connection *connection,
 
        if (linux_os->threads_needs_update == 0) {
                struct threads *temp = linux_os->thread_list;
-               struct threads *prev = linux_os->thread_list;
+               struct threads *prev = NULL;
 
                while (temp != NULL) {
                        if (temp->threadid == threadid) {
Open On-Chip Debugger

Linking to existing account procedure

If you already have an account and want to add another login method you MUST first sign in with your existing account and then change URL to read https://review.openocd.org/login/?link to get to this page again but this time it'll work for linking. Thank you.

SSH host keys fingerprints

1024 SHA256:YKx8b7u5ZWdcbp7/4AeXNaqElP49m6QrwfXaqQGJAOk gerrit-code-review@openocd.zylin.com (DSA)
384 SHA256:jHIbSQa4REvwCFG4cq5LBlBLxmxSqelQPem/EXIrxjk gerrit-code-review@openocd.org (ECDSA)
521 SHA256:UAOPYkU9Fjtcao0Ul/Rrlnj/OsQvt+pgdYSZ4jOYdgs gerrit-code-review@openocd.org (ECDSA)
256 SHA256:A13M5QlnozFOvTllybRZH6vm7iSt0XLxbA48yfc2yfY gerrit-code-review@openocd.org (ECDSA)
256 SHA256:spYMBqEYoAOtK7yZBrcwE8ZpYt6b68Cfh9yEVetvbXg gerrit-code-review@openocd.org (ED25519)
+--[ED25519 256]--+
|=..              |
|+o..   .         |
|*.o   . .        |
|+B . . .         |
|Bo. = o S        |
|Oo.+ + =         |
|oB=.* = . o      |
| =+=.+   + E     |
|. .=o   . o      |
+----[SHA256]-----+
2048 SHA256:0Onrb7/PHjpo6iVZ7xQX2riKN83FJ3KGU0TvI0TaFG4 gerrit-code-review@openocd.zylin.com (RSA)