From 2cb53e303f7b61abefada491815f002b591a60b8 Mon Sep 17 00:00:00 2001 From: Eric Andersen Date: Tue, 29 Apr 2003 07:25:59 +0000 Subject: uClibc 0.9.19 has a bug in globfree(). If the previous call to glob(...,pglob) used the GLOB_DOOFFS flag to reserve the first pglob->gl_offs slots of pglob->gl_pathv, globfree(pglob) would attempt to free the objects pointed to by those slots. If those objects were not on the heap, the system would crash. The attached patch fixes this. Norm --- libc/misc/glob/glob.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'libc') diff --git a/libc/misc/glob/glob.c b/libc/misc/glob/glob.c index f45a2c487..8078dee38 100644 --- a/libc/misc/glob/glob.c +++ b/libc/misc/glob/glob.c @@ -260,8 +260,8 @@ globfree (pglob) { if (pglob->gl_pathv != NULL) { - register int i; - for (i = 0; i < pglob->gl_pathc; ++i) + register int i = pglob->gl_flags & GLOB_DOOFFS? pglob->gl_offs : 0; + for (; i < pglob->gl_pathc; ++i) if (pglob->gl_pathv[i] != NULL) free ((__ptr_t) pglob->gl_pathv[i]); free ((__ptr_t) pglob->gl_pathv); -- cgit v1.2.3