fix accidental coredump
Maxim Dounin
mdounin at mdounin.ru
Tue Sep 27 20:51:55 UTC 2022
Hello!
On Tue, Sep 27, 2022 at 03:25:18PM +0800, zjd wrote:
> # HG changeset patch
> # User Zhang Jinde <zjd5536 at 163.com>
> # Date 1664261587 -28800
> # Tue Sep 27 14:53:07 2022 +0800
> # Node ID 226a75a3703db612ed13d4357ac1b71faef6974a
> # Parent ba5cf8f73a2d0a3615565bf9545f3d65216a0530
> Core: fix ngx_reset_pool wild pointer's coredump
>
> When frequently use ngx_reset_pool and use memory to the same pool in a worker, it happens to accidental coredump sometimes.
>
> diff -r ba5cf8f73a2d -r 226a75a3703d src/core/ngx_palloc.c
> --- a/src/core/ngx_palloc.c Thu Sep 08 13:53:49 2022 +0400
> +++ b/src/core/ngx_palloc.c Tue Sep 27 14:53:07 2022 +0800
> @@ -105,6 +105,7 @@
> for (l = pool->large; l; l = l->next) {
> if (l->alloc) {
> ngx_free(l->alloc);
> + l->alloc = NULL;
> }
> }
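Review bot: The commit message does not name the code that reads l->alloc after this loop, and the added "l->alloc = NULL;" inside "if (l->alloc)" only changes behaviour for code that walks pool->large again later; it cannot reach a copy of the pointer that a caller saved before the reset. Please add the crashing path to the message (backtrace, and which caller still holds the pointer) so it is clear whether the fix belongs in ngx_palloc.c or in the code that keeps using the freed block.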
Could you please clarify what you are trying to fix here?
From the description it looks like your module tries to use memory
already freed by ngx_reset_pool(). If that's the case, the
coredumps you are observing aren't accidental, but rather an expected
result of the use-after-free bug in your module.
--
Maxim Dounin
http://mdounin.ru/
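
The use-after-free pattern described in the reply above, shown on a toy pool as an added example (not nginx code and not part of the original thread): clearing the pool's own slot on reset does not touch a pointer a caller saved earlier, so the caller has to drop or re-acquire it. The toy_* names and the generation counter are assumptions made for this illustration.

```c
#include <stdlib.h>

/* Toy model, constructed for illustration: not nginx's ngx_pool_t. */
#define TOY_SLOTS 4
typedef struct { void *large[TOY_SLOTS]; unsigned generation; } toy_pool_t;

/* What a caller keeps: the pointer plus the pool generation it came from. */
typedef struct { void *ptr; unsigned generation; } toy_ref_t;

static toy_ref_t toy_alloc(toy_pool_t *pool, size_t size) {
    toy_ref_t ref = { NULL, pool->generation };
    for (size_t i = 0; i < TOY_SLOTS; i++) {
        if (pool->large[i] == NULL) {
            ref.ptr = pool->large[i] = calloc(1, size);
            break;
        }
    }
    return ref;
}

/* Reset in the shape of the patched loop: free, then clear the pool's slot.
 * It only receives the pool, so copies held by callers are out of reach. */
static void toy_reset(toy_pool_t *pool) {
    for (size_t i = 0; i < TOY_SLOTS; i++) {
        if (pool->large[i]) {
            free(pool->large[i]);
            pool->large[i] = NULL;
        }
    }
    pool->generation++;
}

/* Caller-side check: refuse any reference taken before the last reset. */
static void *toy_deref(const toy_pool_t *pool, const toy_ref_t *ref) {
    return ref->generation == pool->generation ? ref->ptr : NULL;
}

/* Bitmask: 1 = pool slot cleared, 2 = stale ref rejected,
 * 4 = ref re-acquired after the reset is usable. */
int toy_demo(void) {
    toy_pool_t pool = { {NULL}, 0 };
    toy_ref_t old = toy_alloc(&pool, 8192);
    toy_reset(&pool);
    int result = (pool.large[0] == NULL) ? 1 : 0;
    if (toy_deref(&pool, &old) == NULL) result |= 2;
    toy_ref_t fresh = toy_alloc(&pool, 8192);
    if (toy_deref(&pool, &fresh) != NULL) result |= 4;
    toy_reset(&pool);   /* release the second block */
    return result;
}
```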