commit ae8eb74675722b57ab66a51f1d6f4f250137bb23
author Xi Wang <xi.wang@gmail.com> Sat Oct 27 02:02:01 2012 -0400
committer Elliott Hughes <enh@google.com> Mon Oct 29 08:22:13 2012 -0700
tree 7a5b7bf7eed38b5a7a5129cd1f261e66277381b0
parent 33c4a3adde3cf1753af0661f48ce86358e105277

Fix a potential NULL pointer dereference in _init_thread().

The first NULL pointer check against `attr' suggests that `attr' can
be NULL.  Then later `attr' is directly dereferenced, suggesting the
opposite.

    if (attr == NULL) {
        ...
    } else {
        ...
    }
    ...
    if (attr->stack_base == ...) { ... }

The public API pthread_create(3) allows NULL, and interprets it as "default".
Our implementation actually swaps in a pointer to the global default
pthread_attr_t, so we don't need any NULL checks in _init_thread. (The other
internal caller passes its own pthread_attr_t.)

Change-Id: I0a4e79b83f5989249556a07eed1f2887e96c915e
Signed-off-by: Xi Wang <xi.wang@gmail.com>

libc/bionic/pthread_internal.h

diff --git a/libc/bionic/pthread_internal.h b/libc/bionic/pthread_internal.h
index 4bc81ef..a6b44c7 100644
--- a/libc/bionic/pthread_internal.h
+++ b/libc/bionic/pthread_internal.h
@@ -54,7 +54,7 @@
     char dlerror_buffer[__BIONIC_DLERROR_BUFFER_SIZE];
 } pthread_internal_t;
 
-int _init_thread(pthread_internal_t* thread, pid_t kernel_id, pthread_attr_t* attr,
+int _init_thread(pthread_internal_t* thread, pid_t kernel_id, const pthread_attr_t* attr,
                  void* stack_base, bool add_to_thread_list);
 void _pthread_internal_add( pthread_internal_t*  thread );
 pthread_internal_t* __get_thread(void);