From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <libc-alpha-bounces+e=80x24.org@sourceware.org>
X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on dcvr.yhbt.net
X-Spam-Level: 
X-Spam-ASN: AS17314 8.43.84.0/22
X-Spam-Status: No, score=-3.0 required=3.0 tests=AWL,BAYES_00,BODY_8BITS,
	DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,MAILING_LIST_MULTI,
	PDS_RDNS_DYNAMIC_FP,RCVD_IN_DNSWL_HI,RDNS_DYNAMIC,SPF_HELO_PASS,
	SPF_PASS shortcircuit=no autolearn=ham autolearn_force=no version=3.4.2
Received: from sourceware.org (ip-8-43-85-97.sourceware.org [8.43.85.97])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(No client certificate requested)
	by dcvr.yhbt.net (Postfix) with ESMTPS id 95F261F8C6
	for <e@80x24.org>; Mon,  9 Aug 2021 13:27:32 +0000 (UTC)
Received: from server2.sourceware.org (localhost [IPv6:::1])
	by sourceware.org (Postfix) with ESMTP id A3D923893658
	for <e@80x24.org>; Mon,  9 Aug 2021 13:27:31 +0000 (GMT)
DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org A3D923893658
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sourceware.org;
	s=default; t=1628515651;
	bh=rCPcyxpLFN7ncKjJa1p0ENGEFTVDZQK3mNTQ3iXU7uE=;
	h=To:Subject:References:Date:In-Reply-To:List-Id:List-Unsubscribe:
	 List-Archive:List-Post:List-Help:List-Subscribe:From:Reply-To:Cc:
	 From;
	b=WppyVPcE+c7RaAQQuPjQyOlZTEjHJk9WOavf6KNaHdZXX+NgRcl/EdBddOki4B4Mj
	 7T1Z9Ugn8GZx6CFZUiTnap8NLECcgAXKBcbKt2U9WEo4Z0exahpYYkEnKdc3jHslxO
	 tq/GNtkLiuETtW3cUoW1cwgYcqn4kiXwcqD+fdCs=
Received: from us-smtp-delivery-124.mimecast.com
 (us-smtp-delivery-124.mimecast.com [216.205.24.124])
 by sourceware.org (Postfix) with ESMTP id 9515D385B83F
 for <libc-alpha@sourceware.org>; Mon,  9 Aug 2021 13:27:11 +0000 (GMT)
DMARC-Filter: OpenDMARC Filter v1.4.1 sourceware.org 9515D385B83F
Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com
 [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id
 us-mta-493-h-mLK5mVNBqQV-5KT69dig-1; Mon, 09 Aug 2021 09:27:09 -0400
X-MC-Unique: h-mLK5mVNBqQV-5KT69dig-1
Received: from smtp.corp.redhat.com (int-mx08.intmail.prod.int.phx2.redhat.com
 [10.5.11.23])
 (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
 (No client certificate requested)
 by mimecast-mx01.redhat.com (Postfix) with ESMTPS id B4D06101C8A5;
 Mon,  9 Aug 2021 13:27:08 +0000 (UTC)
Received: from oldenburg.str.redhat.com (unknown [10.39.194.2])
 by smtp.corp.redhat.com (Postfix) with ESMTPS id B47D219D9B;
 Mon,  9 Aug 2021 13:27:07 +0000 (UTC)
To: Siddhesh Poyarekar <siddhesh@gotplt.org>
Subject: Re: [PATCH] librt: fix NULL pointer dereference (bug 28213)
References: <CA+cA0PA3mNB=QW_oSd2BAuRsr=6Hmt1bt61kanQ=_vcN4ygeYQ@mail.gmail.com>
 <ef1aecbb-fb10-7c93-5315-0f5ed886b152@gotplt.org>
Date: Mon, 09 Aug 2021 15:27:05 +0200
In-Reply-To: <ef1aecbb-fb10-7c93-5315-0f5ed886b152@gotplt.org> (Siddhesh
 Poyarekar's message of "Mon, 9 Aug 2021 18:51:19 +0530")
Message-ID: <87fsvirbo6.fsf@oldenburg.str.redhat.com>
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/27.2 (gnu/linux)
MIME-Version: 1.0
X-Scanned-By: MIMEDefang 2.84 on 10.5.11.23
X-Mimecast-Spam-Score: 0
X-Mimecast-Originator: redhat.com
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
X-BeenThere: libc-alpha@sourceware.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Libc-alpha mailing list <libc-alpha.sourceware.org>
List-Unsubscribe: <https://sourceware.org/mailman/options/libc-alpha>,
 <mailto:libc-alpha-request@sourceware.org?subject=unsubscribe>
List-Archive: <https://sourceware.org/pipermail/libc-alpha/>
List-Post: <mailto:libc-alpha@sourceware.org>
List-Help: <mailto:libc-alpha-request@sourceware.org?subject=help>
List-Subscribe: <https://sourceware.org/mailman/listinfo/libc-alpha>,
 <mailto:libc-alpha-request@sourceware.org?subject=subscribe>
From: Florian Weimer via Libc-alpha <libc-alpha@sourceware.org>
Reply-To: Florian Weimer <fweimer@redhat.com>
Cc: libc-alpha@sourceware.org,
 =?utf-8?B?0J3QuNC60LjRgtCwINCf0L7Qv9C+0LI=?= <npv1310@gmail.com>
Errors-To: libc-alpha-bounces+e=80x24.org@sourceware.org
Sender: "Libc-alpha" <libc-alpha-bounces+e=80x24.org@sourceware.org>

* Siddhesh Poyarekar:

> On 8/9/21 5:55 PM, =D0=9D=D0=B8=D0=BA=D0=B8=D1=82=D0=B0 =D0=9F=D0=BE=D0=
=BF=D0=BE=D0=B2 via Libc-alpha wrote:
>> Helper thread frees copied attribute on NOTIFY_REMOVED message received =
from the OS kernel. Unfortunately, it fails to check whether copied attribu=
te actually exists (data.attr !=3D NULL). This worked earlier because free(=
) checks passed pointer before actually attempting to release corresponding=
 memory. But __pthread_attr_destroy assumes pointer is not NULL. So passing=
 NULL pointer to __pthread_attr_destroy will result in segmentation fault. =
This scenario is possible if notification->sigev_notify_attributes =3D=3D N=
ULL (which means default thread attributes should be used).
>
> Thank you, the fix looks good to me.  Do you have a test case to go with =
it?

Siddhesh, if you are going to push this, please line-wrap the commit
message before doing so.

Thanks,
Florian