1 From ee6267f357b3d158f0a0e88460782e8b9d44274a Mon Sep 17 00:00:00 2001
2 From: Raquel Medina <raquel.medina@konsulko.com>
3 Date: Fri, 4 Jan 2019 07:43:03 -0500
4 Subject: [PATCH] neardal: lib: fix memory corruption
6 The current commit fixes an invalid memory access
7 which manifests as a random segfault when executing
8 continuous tag read operations.
10 The corruption happens when releasing the memory allocated to a
11 record: in the time between the memory being g_free'd and the
12 subsequent memset operation, the memory could have been reused by
13 some other process. And since memory allocation depends on
14 system-wide factors, it makes this bug hard to track.
16 Tested using ACR122U reader and NTAG213
17 tags on Automotive Grade Linux (flounder,
18 guppy and master branches)
20 Signed-off-by: Raquel Medina <raquel.medina@konsulko.com>
22 lib/neardal_record.c | 1 -
23 lib/neardal_tools.c | 5 ++++-
24 2 files changed, 4 insertions(+), 2 deletions(-)
26 diff --git a/lib/neardal_record.c b/lib/neardal_record.c
27 index 669012c..cfed5e8 100644
28 --- a/lib/neardal_record.c
29 +++ b/lib/neardal_record.c
30 @@ -31,7 +31,6 @@ void neardal_record_free(neardal_record *r)
33 neardal_g_strfreev((void **) r, &r->uriObjSize);
34 - memset(r, 0, sizeof(*r));
37 void neardal_free_record(neardal_record *record) \
38 diff --git a/lib/neardal_tools.c b/lib/neardal_tools.c
39 index f0d6157..f307df6 100644
40 --- a/lib/neardal_tools.c
41 +++ b/lib/neardal_tools.c
43 void neardal_g_strfreev(void **array, void *end)
46 - for (; (void *) p < end; p++)
47 + for (; (void *) p < end; p++) {
55 void neardal_g_variant_add_parsed(GVariant **v, const char *format, ...)
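Review bot: The loop `for (; (void *) p < end; p++)` in neardal_g_strfreev relies on a contract that is written down nowhere: every pointer-sized slot from `array` up to `end` appears to be released, and the call in neardal_record_free passes the record itself with `&r->uriObjSize` as the bound, so the function walks a struct's leading members rather than a plain string vector. A non-pointer member added ahead of `uriObjSize`, or an `end` that does not point into the same object as `array`, would turn this into an invalid free or a walk past the object. I would add a comment above the function such as `/* Frees every slot in [array, end) and then array itself; each slot must be a g_malloc'd pointer or NULL, and end must lie inside the object array points to. */`. The statements inside the newly braced loop and the rest of the body are not shown on this page, so the "then array itself" part is inferred from the commit message and should be checked against the code.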