Skip to content

src: fix use-after-free in inspector agent #7907

New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom
Merged
merged 1 commit into from
Aug 2, 2016
Merged

src: fix use-after-free in inspector agent #7907

merged 1 commit into from
Aug 2, 2016

Conversation

bnoordhuis
Copy link
Member

@bnoordhuis bnoordhuis commented Jul 28, 2016
edited
Loading

uv_close() is an asynchronous operation. Calling it on a data member
inside the destructor is unsound because its memory is about to be
reclaimed but libuv is not done with it yet.

CI: https://ci.nodejs.org/job/node-test-pull-request/3445/

@bnoordhuis bnoordhuis added c++ Issues and PRs that require attention from people who are familiar with C++. lib / src Issues and PRs related to general changes in the lib or src directory. inspector Issues and PRs related to the V8 inspector protocol labels Jul 28, 2016
@bnoordhuis
Copy link
Member Author

cc @eugeneo @ofrobots

@bnoordhuis bnoordhuis force-pushed the v8-inspector-use-after-free branch from ef2e2dc to 4902a4a Compare August 1, 2016 14:32
@bnoordhuis
Copy link
Member Author

Rebased, PTAL. CI: https://ci.nodejs.org/job/node-test-pull-request/3482/

R=@ofrobots?

@jasnell
Copy link
Member

jasnell commented Aug 1, 2016

LGTM fwiw :-)

@eugeneo
Copy link
Contributor

eugeneo commented Aug 1, 2016

Lgtm. Thanks!

@ofrobots
Copy link
Contributor

ofrobots commented Aug 1, 2016

LGTM.

@bnoordhuis
src: fix use-after-free in inspector agent
80b10b4 
uv_close() is an asynchronous operation.  Calling it on a data member
inside the destructor is unsound because its memory is about to be
reclaimed but libuv is not done with it yet.

PR-URL: nodejs#7907
Reviewed-By: Ali Ijaz Sheikh <ofrobots@google.com>
Reviewed-By: Eugene Ostroukhov <eostroukhov@chromium.org>
Reviewed-By: James M Snell <jasnell@gmail.com>
@bnoordhuis bnoordhuis force-pushed the v8-inspector-use-after-free branch from 4902a4a to 80b10b4 Compare August 2, 2016 06:36
@bnoordhuis bnoordhuis closed this Aug 2, 2016
@bnoordhuis bnoordhuis deleted the v8-inspector-use-after-free branch August 2, 2016 06:37
@bnoordhuis bnoordhuis merged commit 80b10b4 into nodejs:master Aug 2, 2016
@cjihrig cjihrig mentioned this pull request Aug 8, 2016
Closed
cjihrig pushed a commit that referenced this pull request Aug 10, 2016
@bnoordhuis @cjihrig
src: fix use-after-free in inspector agent
780395f 
uv_close() is an asynchronous operation.  Calling it on a data member
inside the destructor is unsound because its memory is about to be
reclaimed but libuv is not done with it yet.

PR-URL: #7907
Reviewed-By: Ali Ijaz Sheikh <ofrobots@google.com>
Reviewed-By: Eugene Ostroukhov <eostroukhov@chromium.org>
Reviewed-By: James M Snell <jasnell@gmail.com>
@cjihrig cjihrig mentioned this pull request Aug 11, 2016
Merged
# for free to join this conversation on GitHub. Already have an account? # to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
c++ Issues and PRs that require attention from people who are familiar with C++. inspector Issues and PRs related to the V8 inspector protocol lib / src Issues and PRs related to general changes in the lib or src directory.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@bnoordhuis @jasnell @eugeneo @ofrobots @MylesBorins