diff options
| author | Steve Huston <shuston@riverace.com> | 2012-03-23 22:11:35 +0000 |
|---|---|---|
| committer | Steve Huston <shuston@riverace.com> | 2012-03-23 22:11:35 +0000 |
| commit | 72d4a6aa8e2b8d0519011dff49f4876ad402ef5f (patch) | |
| tree | e1923c16bceff26dffdcd8783dfbc02fd483f9bf | |
| parent | 555be3a15f41e0eb42ee328ed0a417b55790b0de (diff) | |
| download | ATCD-72d4a6aa8e2b8d0519011dff49f4876ad402ef5f.tar.gz | |
ChangeLogTag:Fri Mar 23 22:06:11 UTC 2012 Steve Huston <shuston@riverace.com>
| -rw-r--r-- | ACE/ChangeLog | 8 | ||||
| -rw-r--r-- | ACE/THANKS | 1 | ||||
| -rw-r--r-- | ACE/ace/WIN32_Asynch_IO.cpp | 6 |
3 files changed, 14 insertions, 1 deletions
diff --git a/ACE/ChangeLog b/ACE/ChangeLog index 653f2a70e8e..1764d66d8d0 100644 --- a/ACE/ChangeLog +++ b/ACE/ChangeLog @@ -1,3 +1,11 @@ +Fri Mar 23 22:06:11 UTC 2012 Steve Huston <shuston@riverace.com> + + * ace/WIN32_Asynch_IO.cpp: Fixed possible heap corruption in + ACE_SOCK_Dgram_Read_Dgram::recv(). Thank you to + Dmytro Ovdiienko <dmitriy.ovdienko@gmail.com> for unconvering this. + + * THANKS: Added Dmytro to the Hall of Fame. + Thu Mar 22 16:23:14 UTC 2012 Steve Huston <shuston@riverace.com> * ace/SOCK_Dgram_Mcast.h: Corrected the description of conditions diff --git a/ACE/THANKS b/ACE/THANKS index 7f8f53ea62f..390663610f8 100644 --- a/ACE/THANKS +++ b/ACE/THANKS @@ -2359,6 +2359,7 @@ JaeSung Lee <berise at gmail dot com> Chong Wuk Pak <chong dot pak at lmco dot com> Michael Frommberger <michael dot frommberger at gmx dot net> Andrey Karpov <karpov at viva64 dot com> +Dmytro Ovdiienko <dmitriy dot ovdienko at gmail.com> I would particularly like to thank Paul Stephenson, who worked with me at Ericsson in the early 1990's. Paul devised the recursive Makefile diff --git a/ACE/ace/WIN32_Asynch_IO.cpp b/ACE/ace/WIN32_Asynch_IO.cpp index 047974f962f..9d925b784b7 100644 --- a/ACE/ace/WIN32_Asynch_IO.cpp +++ b/ACE/ace/WIN32_Asynch_IO.cpp @@ -3367,11 +3367,15 @@ ACE_WIN32_Asynch_Read_Dgram::recv (ACE_Message_Block *message_block, -1); // do the scatter/gather recv + // NOTE! The flags value is in/out to recvfrom() - it's changed AFTER + // the call to WSARecvFrom returns and if it completes immediately, the + // result object may already be deleted. Since the changed value is not + // used, and not needed by result, pass a copy to avoid the race. ssize_t initiate_result = ACE_OS::recvfrom (result->handle (), iov, iovcnt, number_of_bytes_recvd, - result->flags_, + flags, result->saddr (), &(result->addr_len_), result, |