[Lldb-commits] [lldb] r328761 - Prevent double release of mach ports

Frederic Riss via lldb-commits lldb-commits at lists.llvm.org
Wed Mar 28 20:49:42 PDT 2018 

Author: friss
Date: Wed Mar 28 20:49:41 2018
New Revision: 328761

URL: http://llvm.org/viewvc/llvm-project?rev=328761&view=rev
Log:
Prevent double release of mach ports

Summary:
When a MIG routine returns KERN_FAILURE, the demux function will release any OOL resources like ports. In this case, task_port and thread_port will be released twice, potentially resulting in use after free of the ports.

I don't think we can test this in any useful way
rdar://problem/37331387

Reviewers: jasonmolenda

Subscribers: lldb-commits

Differential Revision: https://reviews.llvm.org/D45011

Modified:
    lldb/trunk/source/Plugins/Process/Darwin/MachException.cpp
    lldb/trunk/tools/debugserver/source/MacOSX/MachException.cpp

Modified: lldb/trunk/source/Plugins/Process/Darwin/MachException.cpp
URL: http://llvm.org/viewvc/llvm-project/lldb/trunk/source/Plugins/Process/Darwin/MachException.cpp?rev=328761&r1=328760&r2=328761&view=diff
==============================================================================
--- lldb/trunk/source/Plugins/Process/Darwin/MachException.cpp (original)
+++ lldb/trunk/source/Plugins/Process/Darwin/MachException.cpp Wed Mar 28 20:49:41 2018
@@ -92,8 +92,6 @@ extern "C" kern_return_t catch_mach_exce
                 (uint64_t)(exc_data_count > 0 ? exc_data[0] : 0xBADDBADD),
                 (uint64_t)(exc_data_count > 1 ? exc_data[1] : 0xBADDBADD));
   }
-  mach_port_deallocate(mach_task_self(), task_port);
-  mach_port_deallocate(mach_task_self(), thread_port);
 
   return KERN_FAILURE;
 }

Modified: lldb/trunk/tools/debugserver/source/MacOSX/MachException.cpp
URL: http://llvm.org/viewvc/llvm-project/lldb/trunk/tools/debugserver/source/MacOSX/MachException.cpp?rev=328761&r1=328760&r2=328761&view=diff
==============================================================================
--- lldb/trunk/tools/debugserver/source/MacOSX/MachException.cpp (original)
+++ lldb/trunk/tools/debugserver/source/MacOSX/MachException.cpp Wed Mar 28 20:49:41 2018
@@ -86,8 +86,6 @@ extern "C" kern_return_t catch_mach_exce
                    (uint64_t)(exc_data_count > 0 ? exc_data[0] : 0xBADDBADD),
                    (uint64_t)(exc_data_count > 1 ? exc_data[1] : 0xBADDBADD));
   }
-  mach_port_deallocate(mach_task_self(), task_port);
-  mach_port_deallocate(mach_task_self(), thread_port);
 
   return KERN_FAILURE;
 }

More information about the lldb-commits mailing list