RepoMirrors
/
mpv
mirror of https://github.com/mpv-player/mpv
1
0
Fork 0
Code Issues Releases Wiki Activity

win32: fix massive memory corruption (take 2) 

As pointed out by uau on IRC, the pointer to info is still used outside
of the lock. An extremely small race condition window, but still a race
condition.
This commit is contained in:
wm4 2017-08-21 18:40:52 +02:00
parent d431111b06
commit 0bfeba2d9a
1 changed files with 4 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
osdep/win32/pthread.c
View File

@ -206,11 +206,12 @@ int pthread_detach(pthread_t thread)
static DWORD WINAPI run_thread(LPVOID lpParameter)
{
pthread_mutex_lock(&pthread_table_lock);
struct m_thread_info *info = find_thread_info(pthread_self());
assert(info);
struct m_thread_info *pinfo = find_thread_info(pthread_self());
assert(pinfo);
struct m_thread_info info = *pinfo;
pthread_mutex_unlock(&pthread_table_lock);
pthread_exit(info->user_fn(info->user_arg));
pthread_exit(info.user_fn(info.user_arg));
abort(); // not reached
}