diff options
author | Steve Vinoski <[email protected]> | 2014-03-28 08:58:05 -0400 |
---|---|---|
committer | Steve Vinoski <[email protected]> | 2014-03-28 08:58:05 -0400 |
commit | 98ca47d657fafa4d91b128053e9286114115c0a8 (patch) | |
tree | cd8e8226577b5d9588f993fbc49b925dcf85628e /erts/emulator/beam/beam_emu.c | |
parent | 1ce93cb76672b523dbe2c9402f2d36ab431854ea (diff) | |
download | otp-98ca47d657fafa4d91b128053e9286114115c0a8.tar.gz otp-98ca47d657fafa4d91b128053e9286114115c0a8.tar.bz2 otp-98ca47d657fafa4d91b128053e9286114115c0a8.zip |
fix dirty NIF invalid memory read
Dirty NIF support used an Export structure to facilitate calls to dirty
NIFs and finalizers, but Export isn't large enough to hold all necessary
data. This was causing an invalid memory read in beam_emu.c past the end of
the Export object. Add a local extended Export struct to erl_nif.c that can
hold all the necessary data.
Diffstat (limited to 'erts/emulator/beam/beam_emu.c')
-rw-r--r-- | erts/emulator/beam/beam_emu.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/erts/emulator/beam/beam_emu.c b/erts/emulator/beam/beam_emu.c index 9634faff1d..1026e5f649 100644 --- a/erts/emulator/beam/beam_emu.c +++ b/erts/emulator/beam/beam_emu.c @@ -3525,7 +3525,7 @@ get_map_elements_fail: erts_post_nif(&env); #ifdef ERTS_DIRTY_SCHEDULERS if (is_non_value(nif_bif_result) && c_p->freason == TRAP) { - Export* ep = (Export*) c_p->psd->data[ERTS_PSD_DIRTY_SCHED_TRAP_EXPORT]; + Export* ep = ERTS_PROC_GET_DIRTY_SCHED_TRAP_EXPORT(c_p); ep->code[0] = I[-3]; ep->code[1] = I[-2]; } |