This is an automated email from the ASF dual-hosted git repository.
acassis pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/nuttx.git
The following commit(s) were added to refs/heads/master by this push:
new ae47d6a1010 sched/task: fix null pointer dereference in fork address
environment setup
ae47d6a1010 is described below
commit ae47d6a1010273cbf3c6d1462343a3409ac6ea59
Author: hujun5 <[email protected]>
AuthorDate: Tue May 6 21:17:36 2025 +0800
sched/task: fix null pointer dereference in fork address environment setup
Move the addrenv_join() call after group_initialize() in nxtask_setup_fork() to
fix a null pointer dereference. addrenv_join() accesses child->group, which is
initialized by group_initialize(), so the operations must be sequenced
correctly. Reorder initialization to ensure the child task group is set up
before address environment join operations.
Signed-off-by: hujun5 <[email protected]>
---
sched/task/task_fork.c | 26 +++++++++++++-------------
1 file changed, 13 insertions(+), 13 deletions(-)
diff --git a/sched/task/task_fork.c b/sched/task/task_fork.c
index 59bdf5611bb..964c55b0395 100644
--- a/sched/task/task_fork.c
+++ b/sched/task/task_fork.c
@@ -147,19 +147,6 @@ FAR struct tcb_s *nxtask_setup_fork(start_t retaddr)
child->flags |= TCB_FLAG_FREE_TCB;
-#if defined(CONFIG_ARCH_ADDRENV)
- /* Join the parent address environment (REVISIT: vfork() only) */
-
- if (ttype != TCB_FLAG_TTYPE_KERNEL)
- {
- ret = addrenv_join(parent, child);
- if (ret < 0)
- {
- goto errout_with_tcb;
- }
- }
-#endif
-
/* Initialize the task join */
nxtask_joininit(child);
@@ -176,6 +163,19 @@ FAR struct tcb_s *nxtask_setup_fork(start_t retaddr)
goto errout_with_tcb;
}
+#if defined(CONFIG_ARCH_ADDRENV)
+ /* Join the parent address environment */
+
+ if (ttype != TCB_FLAG_TTYPE_KERNEL)
+ {
+ ret = addrenv_join(parent, child);
+ if (ret < 0)
+ {
+ goto errout_with_tcb;
+ }
+ }
+#endif
+
/* Duplicate the parent tasks environment */
ret = env_dup(child->group, environ);
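Review bot: The ordering constraint this fix depends on is recorded only in the commit message, so nothing at the relocated `#if defined(CONFIG_ARCH_ADDRENV)` block stops a later cleanup from moving it back above the group setup. I would extend the comment to something like `/* Join the parent address environment. Must come after group_initialize(): addrenv_join() dereferences child->group. */`. The failure branch still jumps to `errout_with_tcb`, which now runs with the child group already initialized. The label lies outside the hunk, so it is worth confirming that it releases the group, and that it copes with a join that never completed. The body of nxtask_setup_fork() starts and ends outside this hunk, and the group_initialize() call itself is not among the visible lines.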