musl - musl - an implementation of the standard library for Linux-based systems

index : musl
musl - an implementation of the standard library for Linux-based systems
summary refs log tree commit diff
path: root/src/ipc/semctl.c
diff options
context:
space:
mode:
authorrofl0r <retnyg@gmx.net>2014年03月13日 20:27:55 +0100
committerrofl0r <retnyg@gmx.net>2014年03月13日 20:52:34 +0100
commit2b47a7aff24bbfbe7ba89fc6d542acc9f5493ae2 (patch)
tree107f246032a3be3154cacbece31002dbaf947ea9 /src/ipc/semctl.c
parent7673acd31503016f2af93e187aac98da07af42b4 (diff)
downloadmusl-2b47a7aff24bbfbe7ba89fc6d542acc9f5493ae2.tar.gz
semctl: fix UB causing crashes on powerpc
it's UB to fetch variadic args when none are passed, and this caused real crashes on ppc due to its calling convention, which defines that for variadic functions aggregate types be passed as pointers. the assignment caused that pointer to get dereferenced, resulting in a crash.
Diffstat (limited to 'src/ipc/semctl.c')
-rw-r--r--src/ipc/semctl.c 12
1 files changed, 8 insertions, 4 deletions
diff --git a/src/ipc/semctl.c b/src/ipc/semctl.c
index 3d79f503..673a9a8c 100644
--- a/src/ipc/semctl.c
+++ b/src/ipc/semctl.c
@@ -11,11 +11,15 @@ union semun {
int semctl(int id, int num, int cmd, ...)
{
- union semun arg;
+ union semun arg = {0};
va_list ap;
- va_start(ap, cmd);
- arg = va_arg(ap, union semun);
- va_end(ap);
+ switch (cmd) {
+ case SETVAL: case GETALL: case SETALL: case IPC_STAT: case IPC_SET:
+ case IPC_INFO: case SEM_INFO: case SEM_STAT:
+ va_start(ap, cmd);
+ arg = va_arg(ap, union semun);
+ va_end(ap);
+ }
#ifdef SYS_semctl
return syscall(SYS_semctl, id, num, cmd | IPC_64, arg.buf);
#else
generated by cgit v1.2.1 (git 2.18.0) at 2025年09月08日 15:26:27 +0000

AltStyle によって変換されたページ (->オリジナル) /