authorMax Kellermann <max@duempel.org>2008-10-09 19:17:33 +0200
committerMax Kellermann <max@duempel.org>2008-10-09 19:17:33 +0200
commit69e34f11f53920acf0e90cc1875abeba22c52b92 (patch)
treeaa5ad65d30812f4a0afa6ba02f5dc9df4c8b815a
parentb4f1b20fd9ff95e89eed1a14abef69d740ba6f51 (diff)
update: fixed stack corruption due to pthread_join() call
pthread_join() expects a "pointer to a pointer" parameter, but it got a "pointer to an enum". On AMD64, an enum is smaller than a pointer, leading to a buffer overflow.
-rw-r--r--src/update.c4
1 files changed, 3 insertions, 1 deletions
diff --git a/src/update.c b/src/update.c
index 63d28895a..890612b74 100644
--- a/src/update.c
+++ b/src/update.c
@@ -451,6 +451,7 @@ int directory_update_init(char *path)
void reap_update_task(void)
{
+ void *thread_return;
enum update_return ret;
assert(pthread_equal(pthread_self(), main_task));
@@ -467,8 +468,9 @@ void reap_update_task(void)
if (progress != UPDATE_PROGRESS_DONE)
return;
- if (pthread_join(update_thr, (void **)&ret))
+ if (pthread_join(update_thr, &thread_return))
FATAL("error joining update thread: %s\n", strerror(errno));
+ ret = (enum update_return)(size_t)thread_return;
if (ret == UPDATE_RETURN_UPDATED)
playlistVersionChange();
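Review bot: The error path after the new `pthread_join(update_thr, &thread_return)` call still prints `strerror(errno)`, but pthread_join() returns its error number directly and does not set errno, so a failed join would log an unrelated or stale message. Capture the result instead: `int err = pthread_join(update_thr, &thread_return);` followed by `if (err) FATAL("error joining update thread: %s\n", strerror(err));`. On the new conversion line, `size_t` is not guaranteed to be pointer-sized; `ret = (enum update_return)(intptr_t)thread_return;` is the portable round-trip if `<stdint.h>` is available, and it presumably should mirror whatever cast the update thread uses when it returns (that function is not visible here). A short comment such as `/* pthread_join() writes a full void *; never pass &ret cast to void ** */` would keep the original overflow from being reintroduced. reap_update_task's body continues outside the hunk.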