luo980/libuv
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

aix: fix race in uv_get_process_title()

Browse Source 
The length calculation of the title string was
performed outside of the mutex, causing data corruption
in heavily contended scenarios. Move the length
computation to within the mutex block

Fixes: https://github.com/libuv/libuv/issues/2063
PR-URL: https://github.com/libuv/libuv/pull/2069
Reviewed-By: Santiago Gimeno <santiago.gimeno@gmail.com>
Reviewed-By: Richard Lau <riclau@uk.ibm.com>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
This commit is contained in:
Gireesh Punathil 2018-11-06 10:29:32 -05:00 committed by cjihrig
parent 00c6b1649d
commit e0bc951ff2
No known key found for this signature in database
GPG Key ID: 7434390BDBE9B9C5
1 changed files with 8 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
src/unix/aix.c
View File

@ -886,16 +886,20 @@ int uv_set_process_title(const char* title) {
int uv_get_process_title(char* buffer, size_t size) {
size_t len;
len = strlen(process_argv[0]);
if (buffer == NULL || size == 0)
return UV_EINVAL;
else if (size <= len)
return UV_ENOBUFS;
uv_once(&process_title_mutex_once, init_process_title_mutex_once);
uv_mutex_lock(&process_title_mutex);
memcpy(buffer, process_argv[0], len + 1);
len = strlen(process_argv[0]);
if (size <= len) {
uv_mutex_unlock(&process_title_mutex);
return UV_ENOBUFS;
}
memcpy(buffer, process_argv[0], len);
buffer[len] = '\0';
uv_mutex_unlock(&process_title_mutex);