Tcl Source Code

Ticket UUID: 2570123b6384460203e0456861e04454296acc78
Title: system encoding is not protected from freeing during encode/decode operations
Type: Bug
Version: 8.6
Submitter: apnadkarni
Created on: 2025-08-13 17:11:30
Subsystem: - New Builtin Commands
Assigned To: nobody
Priority: 5 Medium
Severity: Important
Status: Closed
Last Modified: 2025-08-14 11:40:50
Resolution: Duplicate
Closed By: apnadkarni
Closed on: 2025-08-14 11:40:50
Description:

Inspecting code, I have doubts about potential crashes from accessing freed encodings in multithreaded environments. Several functions have code similar to below:

    if (encoding == NULL)          // encoding is passed by caller
        encoding = systemEncoding; // systemEncoding is GLOBAL shared by threads

    /* Do some operations involving the encoding. */

The issue I am wondering about is that the reference count on systemEncoding is not incremented in such cases. What happens if some other thread calls encoding system and changes the systemEncoding, causing the original one in use above to be freed?

Need to build a test case to verify the above race condition, but perhaps someone could corroborate or refute my analysis. And save me the trouble of creating the test case :-)
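
Added example, not part of the original ticket and not Tcl's code: a small C model of the pattern described above, with the interleaving replayed in order on one thread so the outcome is deterministic. All names (Enc, set_system, resolve_unpinned, resolve_pinned, freed_while_in_use) are hypothetical, and the model says nothing about whether Tcl itself is affected.

```c
#include <pthread.h>
#include <stdlib.h>

/* Hypothetical model of a refcounted encoding; not Tcl's own structures. */
typedef struct Enc { const char *name; int refCount; } Enc;
static pthread_mutex_t encMutex = PTHREAD_MUTEX_INITIALIZER;
static Enc *systemEnc;   /* global shared by threads; owns one reference */
static int freedCount;   /* observes frees without touching freed memory */

/* Drop one reference, freeing at zero. Caller must hold encMutex. */
static void unref_locked(Enc *e) {
    if (--e->refCount == 0) { free(e); freedCount++; }
}
void enc_release(Enc *e) {
    pthread_mutex_lock(&encMutex);
    unref_locked(e);
    pthread_mutex_unlock(&encMutex);
}
/* Stands in for another thread changing the system encoding. */
void set_system(const char *name) {
    Enc *fresh = malloc(sizeof *fresh);
    if (fresh == NULL) abort();
    fresh->name = name; fresh->refCount = 1;
    pthread_mutex_lock(&encMutex);
    Enc *old = systemEnc;
    systemEnc = fresh;
    if (old != NULL) unref_locked(old);   /* global gives up its reference */
    pthread_mutex_unlock(&encMutex);
}
/* Pattern from the ticket: fall back to the global, take no reference. */
Enc *resolve_unpinned(Enc *encoding) {
    if (encoding == NULL) encoding = systemEnc;
    return encoding;
}
/* Hardened: read the global and take a reference in one critical section. */
Enc *resolve_pinned(Enc *encoding) {
    pthread_mutex_lock(&encMutex);
    if (encoding == NULL) encoding = systemEnc;
    encoding->refCount++;
    pthread_mutex_unlock(&encMutex);
    return encoding;
}
/* Replays the interleaving; returns how often the in-use encoding was freed. */
int freed_while_in_use(int pinned) {
    set_system("first");
    Enc *e = pinned ? resolve_pinned(NULL) : resolve_unpinned(NULL);
    int before = freedCount;
    set_system("second");              /* the "other thread" runs here */
    int freed = freedCount - before;   /* 1 means e is now dangling */
    if (pinned) enc_release(e);        /* balanced release frees it here */
    return freed;
}
```

A result of 1 from the unpinned path means the caller is left holding a pointer to freed memory; the pinned path defers the free until the caller's own release.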

User Comments:

apnadkarni added on 2025-08-14 11:40:50:
Oh, yes it is! Short term memory loss (to go with long term memory loss).

Closing as duplicate.

sebres added on 2025-08-13 17:59:20:

Is not that a duplicate of [f2ff05fc84]?