Skip to content

Commit

Permalink
0-initialize thread-specific data upon thread creation. (#508)
Browse files Browse the repository at this point in the history
If thread-specific data is not set to 0 upon thread creation,
`__pthread_tsd_run_dtors` will end up running destructors passing
uninitialized memory as memory addresses, which can lead to memory
corruption.

This issue can be triggered when malloc() returns a memory address that
was freed before, as in that case memory is not zeroed out.
  • Loading branch information
veluca93 authored Jul 3, 2024
1 parent 67080fa commit 5667be1
Showing 1 changed file with 3 additions and 0 deletions.
3 changes: 3 additions & 0 deletions libc-top-half/musl/src/thread/pthread_create.c
Original file line number Diff line number Diff line change
Expand Up @@ -458,6 +458,9 @@ int __pthread_create(pthread_t *restrict res, const pthread_attr_t *restrict att
if (!map) goto fail;
#endif
tsd = map + size - __pthread_tsd_size;
#ifndef __wasilibc_unmodified_upstream
memset(tsd, 0, __pthread_tsd_size);
#endif
if (!stack) {
#ifdef __wasilibc_unmodified_upstream
stack = tsd - libc.tls_size;
Expand Down

0 comments on commit 5667be1

Please sign in to comment.