GNU bug report logs - #68421
Possible use after free in w32notify.c

Previous Next

Package: emacs;

Reported by: Stefan Kangas <stefankangas <at> gmail.com>

Date: Sat, 13 Jan 2024 07:50:01 UTC

Severity: normal

Fixed in version 30.1

Done: Stefan Kangas <stefankangas <at> gmail.com>

Bug is archived. No further changes may be made.

Full log

View this message in rfc822 format

From: help-debbugs <at> gnu.org (GNU bug Tracking System)
To: Stefan Kangas <stefankangas <at> gmail.com>
Subject: bug#68421: closed (Re: bug#68421: Possible use after free in
 w32notify.c)
Date: Sat, 13 Jan 2024 09:26:01 +0000

[Message part 1 (text/plain, inline)]
Your bug report

#68421: Possible use after free in w32notify.c

which was filed against the emacs package, has been closed.

The explanation is attached below, along with your original report.
If you require more details, please reply to 68421 <at> debbugs.gnu.org.

-- 
68421: https://debbugs.gnu.org/cgi/bugreport.cgi?bug=68421
GNU Bug Tracking System
Contact help-debbugs <at> gnu.org with problems

[Message part 2 (message/rfc822, inline)]
From: Stefan Kangas <stefankangas <at> gmail.com>
To: Eli Zaretskii <eliz <at> gnu.org>
Cc: 68421-done <at> debbugs.gnu.org
Subject: Re: bug#68421: Possible use after free in w32notify.c
Date: Sat, 13 Jan 2024 03:25:44 -0600

Version: 30.1

Eli Zaretskii <eliz <at> gnu.org> writes:

>> From: Stefan Kangas <stefankangas <at> gmail.com>
>> Date: Sat, 13 Jan 2024 01:49:36 -0600
>>
>> Could someone familiar with w32notify.c look over the attached patch?
>>
>> It looks like we are trying to dereference NULL in add_watch, and
>> returning an already freed value from start_watching.
>
> Feel free to install on master, and thanks.

Thanks, done in commit 893829021bd.


[Message part 3 (message/rfc822, inline)]
From: Stefan Kangas <stefankangas <at> gmail.com>
To: bug-gnu-emacs <at> gnu.org
Subject: Possible use after free in w32notify.c
Date: Sat, 13 Jan 2024 01:49:36 -0600

[Message part 4 (text/plain, inline)]
Could someone familiar with w32notify.c look over the attached patch?

It looks like we are trying to dereference NULL in add_watch, and
returning an already freed value from start_watching.

[w32notify-ub.diff (text/x-diff, attachment)]
This bug report was last modified 1 year and 188 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.