Details
Description
In plugin-libevent.c, event_new() mallocs a "struct event", which is not initialized, then passes it to event_assign(), which passes it into event_base_set(), causing an invalid read. We picked it up during a valgrind run of our program.
See lines 47 - 78 here: https://github.com/couchbase/libcouchbase/blob/master/plugins/io/libevent/plugin-libevent.c
Proposed patch:
Index: libcouchbase/src/plugin-libevent.c
===================================================================
— libcouchbase/src/plugin-libevent.c (revision 16)
+++ libcouchbase/src/plugin-libevent.c (working copy)
@@ -47,7 +47,6 @@
event_callback_fn callback,
void *arg)
Attachments
For Gerrit Dashboard: CCBC-171 | ||||||
---|---|---|---|---|---|---|
# | Subject | Branch | Project | Status | CR | V |
24316,2 | CCBC-171 Fix invalid read in libevent plugin | master | libcouchbase | Status: MERGED | +2 | +1 |