Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

src: fix use-after-free in inspector agent #7907

Merged
merged 1 commit into from
Aug 2, 2016

Conversation

bnoordhuis
Copy link
Member

@bnoordhuis bnoordhuis commented Jul 28, 2016

uv_close() is an asynchronous operation. Calling it on a data member
inside the destructor is unsound because its memory is about to be
reclaimed but libuv is not done with it yet.

CI: https://ci.nodejs.org/job/node-test-pull-request/3445/

@bnoordhuis bnoordhuis added c++ Issues and PRs that require attention from people who are familiar with C++. lib / src Issues and PRs related to general changes in the lib or src directory. inspector Issues and PRs related to the V8 inspector protocol labels Jul 28, 2016
@bnoordhuis
Copy link
Member Author

cc @eugeneo @ofrobots

@bnoordhuis bnoordhuis force-pushed the v8-inspector-use-after-free branch from ef2e2dc to 4902a4a Compare August 1, 2016 14:32
@bnoordhuis
Copy link
Member Author

@jasnell
Copy link
Member

jasnell commented Aug 1, 2016

LGTM fwiw :-)

@eugeneo
Copy link
Contributor

eugeneo commented Aug 1, 2016

Lgtm. Thanks!

@ofrobots
Copy link
Contributor

ofrobots commented Aug 1, 2016

LGTM.

uv_close() is an asynchronous operation.  Calling it on a data member
inside the destructor is unsound because its memory is about to be
reclaimed but libuv is not done with it yet.

PR-URL: nodejs#7907
Reviewed-By: Ali Ijaz Sheikh <ofrobots@google.com>
Reviewed-By: Eugene Ostroukhov <eostroukhov@chromium.org>
Reviewed-By: James M Snell <jasnell@gmail.com>
@bnoordhuis bnoordhuis force-pushed the v8-inspector-use-after-free branch from 4902a4a to 80b10b4 Compare August 2, 2016 06:36
@bnoordhuis bnoordhuis closed this Aug 2, 2016
@bnoordhuis bnoordhuis deleted the v8-inspector-use-after-free branch August 2, 2016 06:37
@bnoordhuis bnoordhuis merged commit 80b10b4 into nodejs:master Aug 2, 2016
@cjihrig cjihrig mentioned this pull request Aug 8, 2016
cjihrig pushed a commit that referenced this pull request Aug 10, 2016
uv_close() is an asynchronous operation.  Calling it on a data member
inside the destructor is unsound because its memory is about to be
reclaimed but libuv is not done with it yet.

PR-URL: #7907
Reviewed-By: Ali Ijaz Sheikh <ofrobots@google.com>
Reviewed-By: Eugene Ostroukhov <eostroukhov@chromium.org>
Reviewed-By: James M Snell <jasnell@gmail.com>
@cjihrig cjihrig mentioned this pull request Aug 11, 2016
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
c++ Issues and PRs that require attention from people who are familiar with C++. inspector Issues and PRs related to the V8 inspector protocol lib / src Issues and PRs related to general changes in the lib or src directory.
Projects
None yet
Development

Successfully merging this pull request may close these issues.

5 participants