musl - Re: Protect pthreads' mutexes against use-after-destroy

Follow @Openwall on Twitter for new release announcements and other news

[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]

Message-ID: <820837e29ea605142a934e672d670fbbd9d44cbd@dustri.org>
Date: Sun, 21 Jan 2024 12:06:14 +0000
From: julien.voisin@...tri.org
To: "Rich Felker" <dalias@...c.org>
Cc: musl@...ts.openwall.com
Subject: Re: Protect pthreads' mutexes against use-after-destroy

> Draft attached in case anyone wants to play with it. This could
> probably be something we could consider to adopt.

Couldn't a macro like `#define mutex_is_destroyed (!(m->_m_type & 8) && (m->_m_lock == 0x3fffffff)` be
used instead? Or at least named constants instead of `8` and `0x3fffffff`.

Also, the code-style seems inconsistent:

```
+       if (own == 0x3fffffff) {
+               /* Catch use-after-destroy */
+               if (!(type & 8)) a_crash();                                                                                                                                                      
+               return ENOTRECOVERABLE;
+       }
```

vs 

```
+                       /* Catch use-after-destroy */
+                       if (own == 0x3fffffff && !(type & 8)) a_crash();
                        return EPERM;
```

Both are the same check, yet only one has both conditions in a single `if`.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.