[erlang-patches] Win64 memory corruption fix

Patrik Nyblom <>
Fri Feb 22 17:03:09 CET 2013


On 02/22/2013 04:04 PM, Sverker Eriksson wrote:
> Jani Hakala wrote:
>> Blaine Whittle <> writes:
>>
>>> Code wise, I looked at all uses of the type long regardless of the
>>> code section.  I agree that the majority of the patch is just
>>> formatting code with bad casts which should only result in incorrect
>>> memory reads and not writes (however I believe the issue could result
>>> in erl_misc_utils.c a write)
>>>
>> I looked at the patch and these original lines looked the most
>> suspicious to me:
>> in erts/lib_src/common/erl_printf_format.c
>>
>> 825:     unsigned long eterm;
>> 836:     eterm = va_arg(ap, unsigned long);
>> 840:     res = (*erts_printf_eterm_func)(noop_fn, NULL, eterm, prec, 
>> eterm_base);
>>
>> erts_printf_eterm_func is assigned as erts_printf_term, which calls
>> print_term. print_term probably uses eterm as a pointer at some point
>> which causes invalid memory access with top-down memory allocation.
>>
>> Jani Hakala
>>
> Yes, thank you for that observation Jani.
>
> I have now done a revised version of Blaine's patch that will be 
> included in R16B.
>
Also visible in master on github now.
>
> /Sverker, Erlang/OTP
>
> _______________________________________________
> erlang-patches mailing list
> 
> http://erlang.org/mailman/listinfo/erlang-patches



More information about the erlang-patches mailing list