[erlang-bugs] Patch for illegal memory access in open_port BIF.

Mikael Pettersson <>
Tue Oct 9 09:03:05 CEST 2007


On Thu, 4 Oct 2007 10:57:31 -0700, Matthew Dempsky wrote:
>The open_port BIF assumes that if a tuple is passed as the first
>argument, it will have at least one element.  This causes an illegal
>memory access if open_port({}, []) is called.
>
>--- erl_bif_port.c.orig	2007-10-04 10:50:05.000000000 -0700
>+++ erl_bif_port.c	2007-10-04 10:49:03.000000000 -0700
>@@ -613,6 +613,10 @@
> 	tp = tuple_val(name);
> 	arity = *tp++;
>
>+	if (arity == make_arityval(0)) {
>+	    OPEN_PORT_ERROR(-3);
>+	}
>+
> 	if (*tp == am_spawn) {	/* A process port */
> 	    if (arity != make_arityval(2)) {
> 		OPEN_PORT_ERROR(-3);

Indeed. Good catch.
I haven't seen a reply to this yet from the OTP folks so I'm including
this fix in HiPE CVS for now to make sure it doesn't get lost.

/Mikael



More information about the erlang-bugs mailing list