apr-bugs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bugzi...@apache.org
Subject [Bug 59711] double free issue in apr_app.c and start.c on Windows
Date Fri, 17 Jun 2016 15:59:13 GMT
https://bz.apache.org/bugzilla/show_bug.cgi?id=59711

--- Comment #6 from William A. Rowe Jr. <wrowe@apache.org> ---
Yes, it is user triggered, if the user starts, and stops the program (as users
are the ones who start, and stop programs) they will see this defect when
compiled on specific platforms.  So is the defect rm -rf / - that is a command
that users with escallated privilages may invoke.

Of course it is not remotely exploitable, there is no side effect during the
operation of any program, only upon clean shutdown of a program (more
accurately,
the clean shutdown instead results in a segfault.)

Binary condition, either the defect is encountered or it won't be encountered.

The right answer here is to build on a test/ case so we can slam this against
the entire array of VC compilers, which is the first item I'm addressing.

-- 
You are receiving this mail because:
You are the assignee for the bug.

---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@apr.apache.org
For additional commands, e-mail: bugs-help@apr.apache.org


Mime
View raw message