Module Name: src
Committed By: martin
Date: Thu Jul 12 15:24:43 UTC 2018
Modified Files:
src/lib/libutil [netbsd-8]: pty.c
Log Message:
Pull up following revision(s) (requested by kamil in ticket #901):
lib/libutil/pty.c: revision 1.32
Fix stack use after scope in libutil/pty
The pt variable's elements are used after the end of the pt scope.
A move of pt to outer scope fixes this.
Detected with MKSANITIZER/ASan with tmux(1), a forkpty(3) user.
To generate a diff of this commit:
cvs rdiff -u -r1.31 -r1.31.38.1 src/lib/libutil/pty.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/lib/libutil/pty.c
diff -u src/lib/libutil/pty.c:1.31 src/lib/libutil/pty.c:1.31.38.1
--- src/lib/libutil/pty.c:1.31 Fri Feb 20 16:44:06 2009
+++ src/lib/libutil/pty.c Thu Jul 12 15:24:43 2018
@@ -1,4 +1,4 @@
-/* $NetBSD: pty.c,v 1.31 2009/02/20 16:44:06 christos Exp $ */
+/* $NetBSD: pty.c,v 1.31.38.1 2018/07/12 15:24:43 martin Exp $ */
/*-
* Copyright (c) 1990, 1993, 1994
@@ -34,7 +34,7 @@
#if 0
static char sccsid[] = "@(#)pty.c 8.3 (Berkeley) 5/16/94";
#else
-__RCSID("$NetBSD: pty.c,v 1.31 2009/02/20 16:44:06 christos Exp $");
+__RCSID("$NetBSD: pty.c,v 1.31.38.1 2018/07/12 15:24:43 martin Exp $");
#endif
#endif /* LIBC_SCCS and not lint */
@@ -70,6 +70,7 @@ openpty(int *amaster, int *aslave, char
mode_t mode;
struct group grs, *grp;
char grbuf[1024];
+ struct ptmget pt;
_DIAGASSERT(amaster != NULL);
_DIAGASSERT(aslave != NULL);
@@ -78,7 +79,6 @@ openpty(int *amaster, int *aslave, char
/* winp may be NULL */
if ((master = open("/dev/ptm", O_RDWR)) != -1) {
- struct ptmget pt;
if (ioctl(master, TIOCPTMGET, &pt) != -1) {
(void)close(master);
master = pt.cfd;
