![(please configure the [header_logo] section in trac.ini)](/repos/chrome/site/pj.jpg)
Opened 16 years ago
Closed 16 years ago
#769 closed defect (fixed)
Bug in select ioqueue: event counter may exceed maximum value, causing stack corruption (thanks Joel Dodson for the report)
| Reported by: | bennylp | Owned by: | bennylp |
|---|---|---|---|
| Priority: | normal | Milestone: | release-1.2 |
| Component: | pjlib | Version: | trunk |
| Keywords: | Cc: | ||
| Backport to 1.x milestone: | Backported: |
Description (last modified by bennylp)
Stack corruption in pj_ioqueue_poll(), when execution is about to return:
#if PJ_IOQUEUE_HAS_SAFE_UNREG
decrement_counter(event[counter].key);
#endif
}
return count;
count and counter are 17. Unfortunately, event is only 16 elements long.
The corresponding ticket for 1.0 branch is ticket #770
Change History (2)
comment:1 Changed 16 years ago by bennylp
- Description modified (diff)
comment:2 Changed 16 years ago by bennylp
- Resolution set to fixed
- Status changed from new to closed
Note: See
TracTickets for help on using
tickets.
In r2554: