Fiddle possibly misuses mprotect
ruby -v: ruby 2.1.0dev (2013-10-02 trunk 43121) [x86_64-linux]
Backport: 1.9.3: DONE, 2.0.0: DONE, 2.1: DONE
Coverity Scan found a possible bug in "initialize" function of ext/fiddle/closure.c:
    result = ffi_prep_closure(pcl, cif, callback, (void *)self);
    i = mprotect(pcl, sizeof(pcl), PROT_READ | PROT_EXEC);
I don't understand the code completely, but the size of the pointer does not seem to make sense.
Perhaps, "sizeof(pcl)" should be "sizeof(*pcl)".
The same applies to dealloc:
BTW, ffi_prep_closure seems deprecated.
We should use ffi_prep_closure_loc instead when it is available.
Yusuke Endoh
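To show why the length argument matters, here is an added example (not code from the Ruby tracker, fiddle or libffi) that models which pages an mprotect call actually touches. closure_t is a stand-in for libffi's ffi_closure, and the page size and closure address are constructed values.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Stand-in for libffi's ffi_closure (assumption: the real struct is
 * platform-specific, but like this one it is much larger than a pointer). */
typedef struct {
    unsigned char tramp[24];  /* trampoline code that must become executable */
    void *cif;
    void *fun;
    void *user_data;
} closure_t;

/* Pages touched by mprotect(addr, len, ...): the kernel rounds addr down
 * and addr + len up to page boundaries, so a too-small len is usually
 * masked; it only bites when the object straddles a page boundary. */
size_t pages_covered(uintptr_t addr, size_t len, size_t page) {
    if (len == 0) return 0;
    uintptr_t start = addr & ~(uintptr_t)(page - 1);
    uintptr_t end = (addr + len + page - 1) & ~(uintptr_t)(page - 1);
    return (size_t)((end - start) / page);
}

/* The call as reported: length is the size of the pointer variable. */
size_t pages_buggy(uintptr_t addr, size_t page) {
    closure_t *pcl = (closure_t *)addr;   /* never dereferenced */
    return pages_covered(addr, sizeof(pcl), page);
}

/* The corrected call: length is the size of the pointed-to closure. */
size_t pages_fixed(uintptr_t addr, size_t page) {
    closure_t *pcl = (closure_t *)addr;   /* never dereferenced */
    return pages_covered(addr, sizeof(*pcl), page);
}

int main(void) {
    const size_t page = 4096;        /* constructed: typical x86_64 page size */
    uintptr_t addr = page - 16;      /* closure starts 16 bytes before a boundary */
    printf("sizeof(pcl)=%zu sizeof(*pcl)=%zu\n",
           sizeof(closure_t *), sizeof(closure_t));
    printf("sizeof(pcl) covers %zu page(s); sizeof(*pcl) covers %zu page(s)\n",
           pages_buggy(addr, page), pages_fixed(addr, page));
    return 0;
}
```

With the closure straddling the boundary, the pointer-sized length leaves the tail of the trampoline on a page that was never made executable, which is exactly the case page rounding hides when the closure happens to fit inside one page.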
- ext/fiddle/closure.c: use sizeof(*pcl) for correct sizeof value. [Bug #8978]. Thanks mame!
#2 Updated by Aaron Patterson about 1 month ago
I took the mprotect example from the ffi man pages. Seems there must be a bug in the example code. Anyway, I've fixed it.
Also, we should be using ffi_prep_closure_loc if it is available: