https://bugs.kde.org/show_bug.cgi?id=514297
--- Comment #14 from Mark Wielaard <[email protected]> ---
(In reply to mcermak from comment #10)
> But after guarding the PRE_MEM_RASCIIZ() with ML_(safe_to_deref)() it seems
> to kind of work...

I wonder why PRE_MEM_RASCIIZ doesn't use safe_to_deref itself?

For memcheck this translates to mc_is_defined_asciiz (in memcheck/mc_main.c). This uses get_vabits2 (in the same file) in a loop for each byte. Which calls get_secmap_for_reading. SecMaps are just addresses with undef/addr bits. So no segment mappings are checked.

safe_to_deref calls am_is_valid_for_client which looks through the segments and checks the PROT bits of those VMAs.

So maybe when calling PRE_MEM_RASCIIZ we really do need a safe_to_deref first?
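The distinction drawn in the comment above, as an added toy model that is not part of the comment and is not Valgrind code: every name here (toy_safe_to_deref, toy_defined_asciiz, toy_guarded, the 32-byte address space) is hypothetical. It assumes the shadow-bit walk has to read each byte to find the terminating NUL, and it constructs a state in which the shadow bits and the segment list disagree.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Toy model only: none of these names are Valgrind's. */
enum { SPACE = 32 };
enum va  { VA_NOACCESS, VA_UNDEFINED, VA_DEFINED };   /* per-byte shadow bits */
enum res { R_OK, R_ADDR_ERR, R_VALUE_ERR, R_FAULT, R_SKIPPED };
struct segment { size_t start, end; int readable; };  /* [start, end) + PROT */

static unsigned char  mem[SPACE];
static enum va        shadow[SPACE];
static struct segment segs[2];

/* Constructed state: shadow marks every byte defined, but only the first
   segment is readable, so the two views disagree for addresses 16..31. */
static void toy_setup(void) {
    memset(mem, 'A', SPACE);
    memcpy(mem + 4, "ok", 3);                 /* NUL-terminated string at 4 */
    for (size_t i = 0; i < SPACE; i++) shadow[i] = VA_DEFINED;
    segs[0] = (struct segment){ 0, 16, 1 };
    segs[1] = (struct segment){ 16, 32, 0 };
}

/* Segment view: look the address up in the segment list, check its PROT. */
static int toy_safe_to_deref(size_t a) {
    for (size_t s = 0; s < 2; s++)
        if (a >= segs[s].start && a < segs[s].end) return segs[s].readable;
    return 0;
}

/* Shadow view: per-byte walk to the NUL; the decision never uses segs[].
   R_FAULT models the byte read landing on a non-readable mapping. */
static enum res toy_defined_asciiz(size_t a) {
    for (; a < SPACE; a++) {
        if (shadow[a] == VA_NOACCESS)  return R_ADDR_ERR;
        if (shadow[a] == VA_UNDEFINED) return R_VALUE_ERR;
        if (!toy_safe_to_deref(a))     return R_FAULT;  /* stand-in for the MMU */
        if (mem[a] == 0)               return R_OK;
    }
    return R_ADDR_ERR;
}

/* Guarded form: consult the segment view first, skip the walk if it fails. */
static enum res toy_guarded(size_t a) {
    return toy_safe_to_deref(a) ? toy_defined_asciiz(a) : R_SKIPPED;
}

int main(void) {
    toy_setup();
    printf("unguarded: @4=%d @20=%d  guarded: @4=%d @20=%d\n",
           toy_defined_asciiz(4), toy_defined_asciiz(20),
           toy_guarded(4), toy_guarded(20));
    return 0;
}
```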
