[erlang-patches] Win64 memory corruption fix

Sverker Eriksson <>
Fri Feb 22 16:04:04 CET 2013


Jani Hakala wrote:
> Blaine Whittle <> writes:
>
>   
>> Code wise, I looked at all uses of the type long regardless of the
>> code section.  I agree that the majority of the patch is just
>> formatting code with bad casts which should only result in incorrect
>> memory reads and not writes (however I believe the issue could result
>> in erl_misc_utils.c a write)
>>
>>     
> I looked at the patch and these original lines looked the most
> suspicious to me: 
>
> in erts/lib_src/common/erl_printf_format.c
>
> 825:     unsigned long eterm;
> 836:     eterm = va_arg(ap, unsigned long);
> 840:	 res = (*erts_printf_eterm_func)(noop_fn, NULL, eterm, prec, eterm_base);
>
> erts_printf_eterm_func is assigned as erts_printf_term, which calls
> print_term. print_term probably uses eterm as a pointer at some point
> which causes invalid memory access with top-down memory allocation.
>
> Jani Hakala
>
>   
Yes, thank you for that observation Jani.

I have now done a revised version of Blaine's patch that will be 
included in R16B.


/Sverker, Erlang/OTP



More information about the erlang-patches mailing list