From nobody Wed Sep 06 19:38:35 2023 X-Original-To: dev-commits-src-main@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Rgt300fjSz4sF4m; Wed, 6 Sep 2023 19:38:36 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Rgt2z6LXZz4Lgt; Wed, 6 Sep 2023 19:38:35 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1694029115; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=38R8rHu9pNiYtRAx8w5+9XmBzH2A68UbsKx9ARAVxvg=; b=u7IBy0+TGn8pGFyGWJ06KPqseEtNsy6Uoh4BJaIefzjlB9pEOqD+udHGSC4FHLiTlfyu/h GUJoFJf11OGwMyZtg0EIBMdjVC66+datxEX2Oyrq+GwXc8QDuwIr9d1418eAifZXRI0yHY wugrwrbsHZa8qt7POeAgACEYVfT2BySPMgJIjz/XGUJqiRoPVkK87Tdfv6lEVDI1gn7UpY 4CEp2rQfIO5oV1qJt2nOuJnLtsaWQSI506LYjv3T7QJ791hwS6NdWZdfJ2CzZYLVbdRfZv 53WkKTe4hp/a968ggPY31F9fM7nAx58rI6cvwH6E33SRVlycVgLAK+4Bj4gq3Q== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1694029115; a=rsa-sha256; cv=none; b=BJk8k9DIeFAFQlWRrf8ZmPBMCNwp51F9CvxNFLnS36cPG6JjUJFa9eZw281v/7sZFUKE11 FyYjk8F5HOye0Drh7koIfo1HbGePJV+r4APHjYTRstzTXy3Dcx/xP6DAWcOLXK1dLIF7k9 WcoGoFfs6FV96atxxdYaZWLHPtWsVx06FIOzJCC8MLRTo69Ie2+CEl4eQEqL51ZBIOUCua On9NoOPUZJ1SN/YhlWXbXKk4vLiIMrfU0fL6ezwSBB1f1eY6fJ6oQOu7lgjmzvgi7Y/R1w 5Hj+1+vmpwKmxmY5vJ1oKypKifrwinwvUT3hz1J8G30iEZNQd5T40NnmgVm8fg== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1694029115; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=38R8rHu9pNiYtRAx8w5+9XmBzH2A68UbsKx9ARAVxvg=; b=Cx+BGUYSVDI4IRBExgm1YjZ8XlCClPgcxBWluPLOmmQkv/jaWIfqw3yGA74+pVYKD4n6gJ ZAZUkSSnR5L7jHtZigHrYWZVB+tpI1PqdJXS+PPpehYDCHZUEaZSh2pPvBwzz0fuQUfeH2 6c1y0zxnPHoi9lQmPLH5GD1dJqJpaBlN2r5FNodazjkzJig2tuyqGcETxyjYVUbrZ3mayI d+deevtVkl0cxKi/Fb5vrNlLfNg2B8ROJqgB26YHFHXK1+xVbTe3pPC/xbGD6m0Yg8BfpD NpB092V4drCuOAfNuQqxY+QZa31q8FmFMTeL5bTsWWzYSLdRIvNzPIoA+VyFGw== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4Rgt2z5Q7VzVR2; Wed, 6 Sep 2023 19:38:35 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.17.1/8.17.1) with ESMTP id 386JcZ3W086787; Wed, 6 Sep 2023 19:38:35 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.17.1/8.17.1/Submit) id 386JcZiV086784; Wed, 6 Sep 2023 19:38:35 GMT (envelope-from git) Date: Wed, 6 Sep 2023 19:38:35 GMT Message-Id: <202309061938.386JcZiV086784@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org From: Konstantin Belousov Subject: git: 03a7c36ddbc0 - main - __crt_aligned_alloc_offset(): fix ov_index for backing allocation address List-Id: Commit messages for the main branch of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-main List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-dev-commits-src-main@freebsd.org X-BeenThere: dev-commits-src-main@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: kib X-Git-Repository: src X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: 03a7c36ddbc0ddb1063d2c8a37c64d83e1519c55 Auto-Submitted: auto-generated The branch main has been updated by kib: URL: https://cgit.FreeBSD.org/src/commit/?id=03a7c36ddbc0ddb1063d2c8a37c64d83e1519c55 commit 03a7c36ddbc0ddb1063d2c8a37c64d83e1519c55 Author: Konstantin Belousov AuthorDate: 2023-09-06 13:50:27 +0000 Commit: Konstantin Belousov CommitDate: 2023-09-06 19:38:15 +0000 __crt_aligned_alloc_offset(): fix ov_index for backing allocation address Wrong value of ov_index resulted in magic check failure, and refuse to free() the memory allocated with __crt_aligned_alloc_offset(). Then the TLS segments of exited threads leaked. Reported and tested by: glebius Fixes: c29ee08204ce4106d4992474005c5f2fb7d5fbf1 Sponsored by: The FreeBSD Foundation MFC after: 3 days --- libexec/rtld-elf/rtld_malloc.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/libexec/rtld-elf/rtld_malloc.c b/libexec/rtld-elf/rtld_malloc.c index 6e011e88ba5a..4b5140551675 100644 --- a/libexec/rtld-elf/rtld_malloc.c +++ b/libexec/rtld-elf/rtld_malloc.c @@ -188,7 +188,7 @@ __crt_aligned_alloc_offset(size_t align, size_t size, size_t offset) x += offset; ov = cp2op((void *)x); ov1.ov_magic = AMAGIC; - ov1.ov_index = x - (uintptr_t)mem - sizeof(union overhead); + ov1.ov_index = x - (uintptr_t)mem + sizeof(union overhead); memcpy(ov, &ov1, sizeof(ov1)); return ((void *)x); }