[newlib-cygwin/cygwin-3_5-branch] Cygwin: lockf: Fix access violation in lf_clearlock().

Wed, 20 Nov 2024 04:34:54 -0800 

https://sourceware.org/git/gitweb.cgi?p=newlib-cygwin.git;h=c4102f82ddd97f77e32bda7aba84d5d4cc4028a7

commit c4102f82ddd97f77e32bda7aba84d5d4cc4028a7
Author: Takashi Yano <takashi.y...@nifty.ne.jp>
Date:   Thu Nov 14 00:44:41 2024 +0900

    Cygwin: lockf: Fix access violation in lf_clearlock().
    
    The commit ae181b0ff122 has a bug that the pointer is referred bofore
    NULL check in the function lf_clearlock(). This patch fixes that.
    
    Addresses: https://cygwin.com/pipermail/cygwin/2024-November/256750.html
    Fixes: ae181b0ff122 ("Cygwin: lockf: Make lockf() return ENOLCK when too 
many locks")
    Reported-by: Sebastian Feld <sebastian.n.f...@gmail.com>
    Reviewed-by: Corinna Vinschen <cori...@vinschen.de>
    Signed-off-by: Takashi Yano <takashi.y...@nifty.ne.jp>
    (cherry picked from commit e7ef920d7d0dcff8cfe7a0c914f803b8c78900bb)

Diff:
---
 winsup/cygwin/flock.cc      | 6 ++++--
 winsup/cygwin/release/3.5.5 | 3 +++
 2 files changed, 7 insertions(+), 2 deletions(-)

diff --git a/winsup/cygwin/flock.cc b/winsup/cygwin/flock.cc
index 3821bddd6..794e66bd7 100644
--- a/winsup/cygwin/flock.cc
+++ b/winsup/cygwin/flock.cc
@@ -1524,6 +1524,10 @@ lf_clearlock (lockf_t *unlock, lockf_t **clean, HANDLE 
fhdl)
   lockf_t *lf = *head;
   lockf_t *overlap, **prev;
   int ovcase;
+
+  if (lf == NOLOCKF)
+    return 0;
+
   inode_t *node = lf->lf_inode;
   tmp_pathbuf tp;
   node->i_all_lf = (lockf_t *) tp.w_get ();
@@ -1531,8 +1535,6 @@ lf_clearlock (lockf_t *unlock, lockf_t **clean, HANDLE 
fhdl)
   uint32_t lock_cnt = node->get_lock_count ();
   bool first_loop = true;
 
-  if (lf == NOLOCKF)
-    return 0;
   prev = head;
   while ((ovcase = lf_findoverlap (lf, unlock, SELF, &prev, &overlap)))
     {
diff --git a/winsup/cygwin/release/3.5.5 b/winsup/cygwin/release/3.5.5
index 3088f8682..13982632b 100644
--- a/winsup/cygwin/release/3.5.5
+++ b/winsup/cygwin/release/3.5.5
@@ -36,3 +36,6 @@ Fixes:
 
 - Fix potential stack corruption in rmdir() in a border case.
   Addresses: https://cygwin.com/pipermail/cygwin/2024-November/256774.html
+
+- Fix access violation in lf_clearlock() called from flock().
+  Addresses: https://cygwin.com/pipermail/cygwin/2024-November/256750.html

Reply via email to