lib: smb_threads: fix access before init bug
authorRalph Boehme <slow@samba.org>
Tue, 3 Jul 2018 13:30:33 +0000 (15:30 +0200)
committerKarolin Seeger <kseeger@samba.org>
Thu, 12 Jul 2018 11:10:26 +0000 (13:10 +0200)
talloc_stackframe_internal() calls SMB_THREAD_GET_TLS(global_ts)  which
calls smb_get_tls_pthread() in the POSIX pthread wrapper implementation.

If SMB_THREAD_SET_TLS() hasn't been called before, global_ts is NULL and
smb_get_tls_pthread dereferences it so it crashes.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=13505

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit e311801e0e7171a2b50e39d3e0c2d2137f8b3d7e)

lib/util/smb_threads.h

index 9a096167743383c76b9d00d19a3766f826421d91..67d05b8c41132a67cd43e8daaf172391f4d5a846 100644 (file)
@@ -119,6 +119,9 @@ static int smb_set_tls_pthread(void *pkey, const void *pval, const char *locatio
  \
 static void *smb_get_tls_pthread(void *pkey, const char *location) \
 { \
+       if (pkey == NULL) { \
+               return NULL; \
+       } \
         return pthread_getspecific(*(pthread_key_t *)pkey); \
 } \
  \