libltdl memory corruption

Andreas Schwab Mon, 03 Mar 2008 06:40:01 -0800

libltdl uses memory after free when initialized twice.

$ cat ltdl.c
#include <ltdl.h>


int
main ()
{
  lt_dlinit ();
  lt_dlexit ();
  lt_dlinit ();
  lt_dlexit ();
}
$ gcc ltdl.c -o ltdl -lltdl
$ MALLOC_CHECK_=2 ./ltdl 
Segmentation fault

The bug is that preopen_LTX_get_vtable returns a pointer to memory that
has already been freed by lt_dlexit.

Andreas.

-- 
Andreas Schwab, SuSE Labs, [EMAIL PROTECTED]
SuSE Linux Products GmbH, Maxfeldstraße 5, 90409 Nürnberg, Germany
PGP key fingerprint = 58CA 54C7 6D53 942B 1756  01D3 44D5 214B 8276 4ED5
"And now for something completely different."


_______________________________________________
Bug-libtool mailing list
[EMAIL PROTECTED]
http://lists.gnu.org/mailman/listinfo/bug-libtool

libltdl memory corruption

Reply via email to