sergiotarxz/nuttx
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

sched/signal: fix pthread_kill use after free

Browse Source 
When a low-priority thread sends a kill signal to a high-priority thread,
the high-priority thread will exit and release tcb. When the thread returns
to the low-priority thread, it will access the released stcb.

Signed-off-by: yinshengkai <yinshengkai@xiaomi.com>
This commit is contained in:
yinshengkai 2024-04-24 11:10:14 +08:00 committed by Xiang Xiao
parent aedef71070
commit 7b02d788ef
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
sched/signal/sig_dispatch.c
View File

@ -523,7 +523,7 @@ int nxsig_tcbdispatch(FAR struct tcb_s *stcb, siginfo_t *info)
* must be unblocked when a signal is received.
*/
if (stcb->task_state == TSTATE_WAIT_MQNOTEMPTY ||
else if (stcb->task_state == TSTATE_WAIT_MQNOTEMPTY ||
stcb->task_state == TSTATE_WAIT_MQNOTFULL)
{
nxmq_wait_irq(stcb, EINTR);
@ -535,7 +535,7 @@ int nxsig_tcbdispatch(FAR struct tcb_s *stcb, siginfo_t *info)
* if SIGCONT is received.
*/
if (stcb->task_state == TSTATE_TASK_STOPPED &&
else if (stcb->task_state == TSTATE_TASK_STOPPED &&
info->si_signo == SIGCONT)
{
#ifdef HAVE_GROUP_MEMBERS