diff options
author | Mark Mentovai <mark@chromium.org> | 2019-04-26 12:28:57 -0400 |
---|---|---|
committer | Mark Mentovai <mark@chromium.org> | 2019-04-26 18:44:49 +0000 |
commit | 9f90ceb904b776d194863af218e8bce26d95ce8f (patch) | |
tree | 9ba53eafc125c802400ebda33ae0ba6a0d595cdc /src/client/linux | |
parent | [Breakpad iOS] Add a callback on report upload completion. (diff) | |
download | breakpad-9f90ceb904b776d194863af218e8bce26d95ce8f.tar.xz |
Linux MinidumpWriter: fix stack-use-after-scope violation
One form of google_breakpad::WriteMinidump() passed MappingList and
AppMemoryList objects by reference to a MinidumpWriter object,
instantiating them directly as constructor parameters. The
MinidumpWriter stored these objects internally as references, and the
underlying objects went out of scope after MinidumpWriter construction.
The MinidumpWriter outlived them, causing a violation on any attempt to
access them following construction.
This bug was detected by AddressSanitizer at
https://logs.chromium.org/logs/chromium/buildbucket/cr-buildbucket.appspot.com/8915150848087289472/+/steps/breakpad_unittests__with_patch_/0/stdout
Bug: chromium:949098
Change-Id: I072ea9f1b64e1eae3e89d4a2b158764ff7970db5
Reviewed-on: https://chromium-review.googlesource.com/c/breakpad/breakpad/+/1585946
Reviewed-by: Robert Sesek <rsesek@chromium.org>
Diffstat (limited to 'src/client/linux')
-rw-r--r-- | src/client/linux/minidump_writer/minidump_writer.cc | 6 |
1 files changed, 4 insertions, 2 deletions
diff --git a/src/client/linux/minidump_writer/minidump_writer.cc b/src/client/linux/minidump_writer/minidump_writer.cc index e436bf07..f8cdf2a1 100644 --- a/src/client/linux/minidump_writer/minidump_writer.cc +++ b/src/client/linux/minidump_writer/minidump_writer.cc @@ -1424,8 +1424,10 @@ bool WriteMinidump(const char* minidump_path, pid_t process, // MinidumpWriter will set crash address dumper.set_crash_signal(MD_EXCEPTION_CODE_LIN_DUMP_REQUESTED); dumper.set_crash_thread(process_blamed_thread); - MinidumpWriter writer(minidump_path, -1, NULL, MappingList(), - AppMemoryList(), false, 0, false, &dumper); + MappingList mapping_list; + AppMemoryList app_memory_list; + MinidumpWriter writer(minidump_path, -1, NULL, mapping_list, + app_memory_list, false, 0, false, &dumper); if (!writer.Init()) return false; return writer.Dump(); |