<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN"
"http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head><meta http-equiv="content-type" content="text/html; charset=utf-8" /><style type="text/css"><!--
#msg dl { border: 1px #006 solid; background: #369; padding: 6px; color: #fff; }
#msg dt { float: left; width: 6em; font-weight: bold; }
#msg dt:after { content:':';}
#msg dl, #msg dt, #msg ul, #msg li, #header, #footer { font-family: verdana,arial,helvetica,sans-serif; font-size: 10pt; }
#msg dl a { font-weight: bold}
#msg dl a:link { color:#fc3; }
#msg dl a:active { color:#ff0; }
#msg dl a:visited { color:#cc6; }
h3 { font-family: verdana,arial,helvetica,sans-serif; font-size: 10pt; font-weight: bold; }
#msg pre { overflow: auto; background: #ffc; border: 1px #fc0 solid; padding: 6px; }
#msg ul, pre { overflow: auto; }
#header, #footer { color: #fff; background: #636; border: 1px #300 solid; padding: 6px; }
#patch { width: 100%; }
#patch h4 {font-family: verdana,arial,helvetica,sans-serif;font-size:10pt;padding:8px;background:#369;color:#fff;margin:0;}
#patch .propset h4, #patch .binary h4 {margin:0;}
#patch pre {padding:0;line-height:1.2em;margin:0;}
#patch .diff {width:100%;background:#eee;padding: 0 0 10px 0;overflow:auto;}
#patch .propset .diff, #patch .binary .diff {padding:10px 0;}
#patch span {display:block;padding:0 10px;}
#patch .modfile, #patch .addfile, #patch .delfile, #patch .propset, #patch .binary, #patch .copfile {border:1px solid #ccc;margin:10px 0;}
#patch ins {background:#dfd;text-decoration:none;display:block;padding:0 10px;}
#patch del {background:#fdd;text-decoration:none;display:block;padding:0 10px;}
#patch .lines, .info {color:#888;background:#fff;}
--></style>
<title>[23031] trunk/launchd/src/launchd_runtime.c</title>
</head>
<body>
<div id="msg">
<dl>
<dt>Revision</dt> <dd><a href="http://trac.macosforge.org/projects/launchd/changeset/23031">23031</a></dd>
<dt>Author</dt> <dd>zarzycki@apple.com</dd>
<dt>Date</dt> <dd>2007-02-06 09:50:05 -0800 (Tue, 06 Feb 2007)</dd>
</dl>
<h3>Log Message</h3>
<pre><rdar://problem/4978693> Code to help track down an elusive crash</pre>
<h3>Modified Paths</h3>
<ul>
<li><a href="#trunklaunchdsrclaunchd_runtimec">trunk/launchd/src/launchd_runtime.c</a></li>
</ul>
</div>
<div id="patch">
<h3>Diff</h3>
<a id="trunklaunchdsrclaunchd_runtimec"></a>
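--- a/trunk/launchd/src/launchd_runtime.c
+++ b/trunk/launchd/src/launchd_runtime.c
@@ -34,12 +34,14 @@
 #include <mach/host_info.h>
 #include <mach/mach_host.h>
 #include <mach/exception.h>
+#include <mach-o/dyld.h>
 #include <sys/types.h>
 #include <sys/time.h>
 #include <sys/event.h>
 #include <sys/queue.h>
 #include <sys/socket.h>
 #include <bsm/libbsm.h>
+#include <malloc/malloc.h>
 #include <unistd.h>
 #include <pthread.h>
 #include <errno.h>
@@ -190,6 +192,36 @@
         return NULL;
 }
 
+static bool
+ptr_is_in_exe(void *ptr)
+{
+        uint32_t i, count = _dyld_image_count();
+
+        for (i = 0; i < count; i++) {
+                const struct mach_header *header = _dyld_get_image_header(i);
+                uint32_t j, offset = _dyld_get_image_vmaddr_slide(i);
+                struct segment_command *seg;
+                struct load_command *cmd;
+
+                j = 0;
+                cmd = (struct load_command*)((char *)header + sizeof(struct mach_header));
+
+                while (j < header->ncmds) {
+                        if (cmd->cmd == LC_SEGMENT) {
+                                seg = (struct segment_command*)cmd;
+                                if (((uint32_t)ptr >= (seg->vmaddr + offset)) && ((uint32_t)ptr < (seg->vmaddr + offset + seg->vmsize))) {
+                                        return true;
+                                }
+                        }
+
+                        j++;
+                        cmd = (struct load_command*)((char*)cmd + cmd->cmdsize);
+                }
+        }
+        
+        return false;
+}
+
 kern_return_t
 x_handle_kqueue(mach_port_t junk __attribute__((unused)), integer_t fd)
 {
@@ -200,7 +232,12 @@
         launchd_assumes((kevr = kevent(fd, NULL, 0, &kev, 1, &ts)) != -1);
 
         if (kevr == 1) {
-                (*((kq_callback *)kev.udata))(kev.udata, &kev);
+                if (launchd_assumes(malloc_size(kev.udata) || ptr_is_in_exe(kev.udata))) {
+                        (*((kq_callback *)kev.udata))(kev.udata, &kev);
+                } else {
+                        syslog(LOG_ERR, "kev.ident == 0x%x kev.filter == 0x%x kev.fflags = 0x%x kev.udata = 0x%x",
+                                        kev.ident, kev.filter, kev.fflags, kev.udata);
+                }
         }
 
         launchd_post_kevent();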
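Review bot: `ptr_is_in_exe()` accepts an address inside any `LC_SEGMENT`, so on a typical executable the `__PAGEZERO` segment (vmaddr 0, no access permissions) lets a NULL or near-NULL `kev.udata` pass the new guard in `x_handle_kqueue()` and still reach the indirect call; I would put `(seg->initprot & VM_PROT_READ) &&` at the front of the range test so only mapped, readable segments count. The helper is also 32-bit only as written: `(uint32_t)ptr`, the `uint32_t offset` that receives the slide, `struct mach_header` and `LC_SEGMENT` would truncate addresses or miss segments in an LP64 build, which deserves at least a comment. In the `syslog()` call `kev.udata` is a pointer and `kev.ident` is pointer-sized, so `%p` and `%lx` (with a cast to `unsigned long`) are the matching conversions rather than `0x%x`; a truncated pointer in the log would defeat the purpose of this diagnostic. Finally, `malloc_size()` presumably returns 0 for a pointer into the middle of an allocation, so the guard assumes `udata` is always the start of a heap block or lies in a loaded image; a one-line comment above the `if` stating that assumption would help the next reader.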
</div>
</body>
</html>