From c03c52965cee1a53570795447d8de61350a6c7dd Mon Sep 17 00:00:00 2001
From: Jan Vorlicek
Date: Thu, 2 Apr 2020 02:57:02 +0200
Subject: [PATCH] Fix write behind allocated memory in thread name setting (#34424)

The code in CorUnix::InternalSetThreadDescription is writing behind the end of the allocated memory in case the name is shorter than 16 characters. That is causing memory heap corruption.
---
 src/coreclr/src/pal/src/thread/thread.cpp | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/src/coreclr/src/pal/src/thread/thread.cpp b/src/coreclr/src/pal/src/thread/thread.cpp
index 1473601..159ef03 100644
--- a/src/coreclr/src/pal/src/thread/thread.cpp
+++ b/src/coreclr/src/pal/src/thread/thread.cpp
@@ -1666,7 +1666,10 @@ CorUnix::InternalSetThreadDescription(
 // Null terminate early.
 // pthread_setname_np only accepts up to 16 chars.
- nameBuf[15] = '\0';
+ if (nameSize > 15)
+ {
+ nameBuf[15] = '\0';
+ }
 error = pthread_setname_np(pTargetThread->GetPThreadSelf(), nameBuf);
--
2.7.4
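Review bot: The guard `if (nameSize > 15)` is a correct bounds check only if `nameSize` is the byte size of the `nameBuf` allocation with the terminator included, and the hunk shows neither the allocation nor how `nameSize` is computed, so that dependency should be stated next to the check. A comment above the `if` such as `// nameBuf holds nameSize bytes (incl. NUL); index 15 exists only when nameSize >= 16.` would do, and a named constant for the 16-byte pthread name limit would keep the `15` in the condition and the `15` in the index from drifting apart. Because the old unconditional store was a one-byte heap write past a short allocation, a regression test that sets a short thread name under a heap checker (for example AddressSanitizer) would be worth adding alongside this fix. The body of InternalSetThreadDescription starts and ends outside the hunk.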