[pcre-dev] [Bug 2377] New: allocator_grab_lock not thread sa…

Author: admin
Date:  
To: pcre-dev
Subject: [pcre-dev] [Bug 2377] New: allocator_grab_lock not thread safe on windows
https://bugs.exim.org/show_bug.cgi?id=2377

            Bug ID: 2377
           Summary: allocator_grab_lock not thread safe on windows
           Product: PCRE
           Version: 10.32 (PCRE2)
          Hardware: x86-64
                OS: Windows
            Status: NEW
          Severity: bug
          Priority: medium
         Component: Code
          Assignee: ph10@???
          Reporter: julien.cugniere@???
                CC: pcre-dev@???


In the Windows port, function allocator_grab_lock from sljitutils.c looks like
this:

static HANDLE global_mutex = 0;

SLJIT_API_FUNC_ATTRIBUTE void SLJIT_FUNC sljit_grab_lock(void)
{
    /* No idea what to do if an error occures. Static mutexes should never
       fail... */
    if (!global_mutex)
        global_mutex = CreateMutex(NULL, TRUE, NULL);
    else
        WaitForSingleObject(global_mutex, INFINITE);
}


This is racy: if the first call to sljit_grab_lock occurs from multiple threads
at the same time (can happen when synchronizing threads), the mutex will be
created multiple times. This can produce crashes (multiple concurrent accesses
to the allocator) or deadlocks (some thread will create and lock one mutex, and
later unlock a different one, and some thread will be waiting on a mutex that
no one will unlock).

One workaround is to compile a dummy regular expression from the main thread
before using PCRE in other threads.

This issue occurs frequently in one of my programs, but apparently, someone
else discovered it a while back, along with a few other issues:
https://cure53.de/pentest-report_pcre.pdf

--
You are receiving this mail because:
You are on the CC list for the bug.
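
Added example (not from the report and not PCRE2/sljit code): a deterministic replay of the interleaving described above, next to a compare-and-swap publish that leaves exactly one lock. All names are assumptions; lock_t is a constructed stand-in for the Win32 mutex HANDLE, and on Windows the compare-and-swap step would be InterlockedCompareExchangePointer.

```c
#include <stdatomic.h>
#include <stdio.h>
#include <stdlib.h>

/* Constructed stand-in for a Win32 mutex HANDLE: must be created at run time. */
typedef struct { int id; } lock_t;
static atomic_int created, destroyed;

static lock_t *lock_create(void) {            /* role of CreateMutex() */
    lock_t *l = malloc(sizeof *l);
    if (l) l->id = atomic_fetch_add(&created, 1) + 1;
    return l;
}
static void lock_destroy(lock_t *l) {         /* role of CloseHandle() */
    atomic_fetch_add(&destroyed, 1);
    free(l);
}

/* Racy pattern from the report, entered after this thread already saw NULL. */
static lock_t *racy_global;
static lock_t *racy_init_after_null_check(void) {
    lock_t *mine = lock_create();
    racy_global = mine;                       /* last writer wins */
    return mine;                              /* the lock this thread now holds */
}

/* Hardened: publish with compare-and-swap so exactly one lock survives. */
static _Atomic(lock_t *) safe_global;
static lock_t *safe_publish(lock_t *mine) {
    lock_t *expected = NULL;
    if (atomic_compare_exchange_strong(&safe_global, &expected, mine))
        return mine;                          /* this thread won the race */
    lock_destroy(mine);                       /* lost: discard our own copy */
    return expected;                          /* use the winner's lock */
}
static lock_t *safe_get_lock(void) {
    lock_t *cur = atomic_load(&safe_global);
    if (cur) return cur;
    cur = lock_create();
    return cur ? safe_publish(cur) : NULL;    /* NULL only if allocation failed */
}

int main(void) {
    /* Replay: threads A and B both passed the NULL check before either stored. */
    lock_t *a = racy_init_after_null_check(), *b = racy_init_after_null_check();
    printf("racy: A holds #%d, B holds #%d, global is #%d\n", a->id, b->id, racy_global->id);
    lock_t *c = lock_create(), *d = lock_create();  /* both saw NULL again */
    lock_t *rc = safe_publish(c), *rd = safe_publish(d);
    printf("safe: A uses #%d, B uses #%d, later caller gets #%d, destroyed=%d\n",
           rc->id, rd->id, safe_get_lock()->id, atomic_load(&destroyed));
    return 0;
}
```

In the racy replay, thread A holds lock #1 while the global points at #2, which is the mismatch between the locked and unlocked mutex that the report describes.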