[LTP] [PATCH v3] Fix use after stack unwind in fzsync lib

Petr Vorel pvorel@suse.cz
Thu Mar 26 21:41:07 CET 2020


Hi Martin,

> tst_fzsync_pair_reset() passes a local variable to thread B which may be
> already unwound by the time the thread wrapper function executes. If new
> variables get allocated and initialized on stack between pthread_create()
> and thread wrapper execution, thread B will segfault.

I naively assumed this would fix SIGKILL signal for CVE 2018-1000199 test,
but it didn't.

Kind regards,
Petr
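The bug pattern the quoted description refers to, as an added illustration that is not LTP code: a pointer to a stack local is handed to pthread_create() and the creating function returns before the thread reads it, versus the same argument kept in storage the caller joins on. `thread_args`, `start_b_unsafe`, `start_b_safe` and `struct pair` are hypothetical names; the unsafe variant is shown for contrast but never called.

```c
#include <pthread.h>
#include <stdint.h>
#include <stdlib.h>

/* Constructed example, not LTP code. */
struct thread_args { int run_id; };

/* Thread B wrapper: dereferences memory owned by whoever created it and
 * hands the value back through pthread_join(). */
static void *thread_b_wrapper(void *arg)
{
	struct thread_args *a = arg;
	return (void *)(intptr_t)a->run_id;
}

/* Unsafe: 'a' lives in this frame, which is popped on return. Thread B may
 * run only after that, so the read in the wrapper is a use after unwind;
 * any later call that reuses the frame corrupts what it sees. Not called. */
pthread_t start_b_unsafe(int run_id)
{
	pthread_t tid;
	struct thread_args a = { .run_id = run_id };

	if (pthread_create(&tid, NULL, thread_b_wrapper, &a))
		abort();
	return tid;	/* &a is dangling from here on */
}

/* Safe: the argument sits in a struct whose lifetime the caller controls
 * and which is kept alive until the thread has been joined. */
struct pair {
	pthread_t thread;
	struct thread_args args;
};

static void start_b_safe(struct pair *p, int run_id)
{
	p->args.run_id = run_id;
	if (pthread_create(&p->thread, NULL, thread_b_wrapper, &p->args))
		abort();
}

/* Returns what thread B observed; p outlives the thread because we join
 * before leaving the scope that owns it. */
int run_safe(int run_id)
{
	struct pair p;
	void *ret;

	start_b_safe(&p, run_id);
	pthread_join(p.thread, &ret);
	return (int)(intptr_t)ret;
}
```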
