diff options
| author | Rich Felker <dalias@aerifal.cx> | 2015-04-21 13:24:46 -0400 |
|---|---|---|
| committer | Rich Felker <dalias@aerifal.cx> | 2015-04-21 13:24:46 -0400 |
| commit | 086793ad99dc625fd1c47f96fc31ea8aa316b438 (patch) | |
| tree | 2f8110253072aa9ec6f2dcedf3025dca5d11b064 | |
| parent | c5ab5bd3be15eb9d49222df132a51ae8e8f78cbc (diff) | |
| download | musl-086793ad99dc625fd1c47f96fc31ea8aa316b438.tar.gz musl-086793ad99dc625fd1c47f96fc31ea8aa316b438.tar.xz musl-086793ad99dc625fd1c47f96fc31ea8aa316b438.zip | |
fix mmap leak in sem_open failure path for link call
the leak was found by static analysis (reported by Alexander Monakov), not tested/observed, but seems to have occured both when failing due to O_EXCL, and in a race condition with O_CREAT but not O_EXCL where a semaphore by the same name was created concurrently.
| -rw-r--r-- | src/thread/sem_open.c | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/src/thread/sem_open.c b/src/thread/sem_open.c index ab884a42..fda0acd3 100644 --- a/src/thread/sem_open.c +++ b/src/thread/sem_open.c @@ -126,6 +126,7 @@ sem_t *sem_open(const char *name, int flags, ...) e = link(tmp, name) ? errno : 0; unlink(tmp); if (!e) break; + munmap(map, sizeof(sem_t)); /* Failure is only fatal when doing an exclusive open; * otherwise, next iteration will try to open the * existing file. */ |