[erlang-patches] Win64 memory corruption fix
Jani Hakala
jani.j.hakala@REDACTED
Wed Feb 13 22:13:20 CET 2013
Blaine Whittle <BWhittle@REDACTED> writes:
> Code-wise, I looked at all uses of the type long regardless of the
> code section. I agree that the majority of the patch is just
> formatting code with bad casts which should only result in incorrect
> memory reads and not writes (however, I believe the issue could result
> in a write in erl_misc_utils.c).
>
I looked at the patch and these original lines looked the most
suspicious to me:

in erts/lib_src/common/erl_printf_format.c

    825: unsigned long eterm;
    836: eterm = va_arg(ap, unsigned long);
    840: res = (*erts_printf_eterm_func)(noop_fn, NULL, eterm, prec, eterm_base);

erts_printf_eterm_func is assigned as erts_printf_term, which calls
print_term. print_term probably uses eterm as a pointer at some point
which causes invalid memory access with top-down memory allocation.
Jani Hakala
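
Added example (not part of the original message or of the patch): a C model of the narrowing discussed above, showing why a value stored in a 32-bit `unsigned long` stays intact for addresses below 4 GiB and is corrupted once allocation is top-down. It assumes the term word is pointer-sized (64 bits) and models Win64's 32-bit `unsigned long` with `uint32_t`; `fetch_term`, `survives_narrowing` and both sample addresses are hypothetical and constructed.

```c
#include <stdarg.h>
#include <stdint.h>
#include <stdio.h>

/* Models of the two types involved on Win64 (LLP64 data model). */
typedef uint32_t win64_ulong;  /* 'unsigned long' is 32 bits on Win64 */
typedef uint64_t term_word;    /* assumption: the term word is pointer-sized */

/* Hypothetical stand-in for the formatting path: fetch the variadic
 * argument and return the value that would be handed to the term printer.
 * narrow != 0 stores it in a 32-bit local, as 'unsigned long eterm' does
 * on Win64; narrow == 0 keeps the full word. */
static term_word fetch_term(int narrow, ...)
{
    va_list ap;
    term_word full;

    va_start(ap, narrow);
    full = va_arg(ap, term_word);   /* read with the caller's real type */
    va_end(ap);

    if (narrow) {
        win64_ulong eterm = (win64_ulong)full;  /* upper 32 bits dropped */
        return (term_word)eterm;
    }
    return full;
}

/* 1 if the value survives the trip unchanged, 0 if it was corrupted. */
static int survives_narrowing(term_word t)
{
    return fetch_term(1, t) == t;
}

/* Constructed sample addresses, not taken from a real crash. */
#define LOW_ADDR  UINT64_C(0x0000000001F40010)  /* below 4 GiB */
#define HIGH_ADDR UINT64_C(0x000007FFFFF40010)  /* top-down allocation */

int main(void)
{
    printf("low : %d\n", survives_narrowing((term_word)LOW_ADDR));
    printf("high: %d -> 0x%llx\n", survives_narrowing((term_word)HIGH_ADDR),
           (unsigned long long)fetch_term(1, (term_word)HIGH_ADDR));
    return 0;
}
```

A build-time check such as `sizeof(unsigned long) >= sizeof(void *)` catches this class of bug on LLP64 targets before it depends on where the allocator happens to place memory.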