Changes between Initial Version and Version 2 of Ticket #5590


Timestamp:
Jul 25, 2014, 12:45:51 PM (7 years ago)
Author:
cleo
Comment:

  • Ticket #5590

    • Property Version changed from unspecified to 1.10.1
    • Property Severity changed from normal to critical
  • Ticket #5590 – Description

    initial (line 1):
    In 32bit mode, when compiling with STDCALL=YES in nmake.opt, the CPLSetThreadLocalConfigOption() function in port/cpl_conv.cpp sets a deletion callback with CPLSetTLSWithFreeFunc() by passing in a pointer to CSLDestroy. CSLDestroy was changed to STDCALL in 2005, but CPLSetTLSWithFreeFunc() only takes callbacks that are non-STDCALL. So when this callback is run, the stack is out of sync by 4 bytes because the caller removed the argument and so does the caller (resulting in one too many removals of the argument from the stack) and the thread promptly crashes upon return since the return address used is bogus.

    v2 (line 1):
    In 32bit mode, when compiling with STDCALL=YES in nmake.opt, the CPLSetThreadLocalConfigOption() function in port/cpl_conv.cpp sets a deletion callback with CPLSetTLSWithFreeFunc() by passing in a pointer to CSLDestroy. CSLDestroy was changed to STDCALL in 2005, but CPLSetTLSWithFreeFunc() only takes callbacks that are non-STDCALL. So when this callback is run, the stack is out of sync by 4 bytes because the callee removed the argument and so does the caller (resulting in one too many removals of the argument from the stack) and the thread promptly crashes upon return since the return address used is bogus.

    Lines 2-3 (unchanged in both versions):

    This bug has caused us a significant amount of headaches and appears to have been there for quite a while.
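The calling-convention mismatch the ticket describes, and the adapter that avoids it, as an added example that is not GDAL's code: the TLS slot, the DEMO_STDCALL macro and the demo_* functions are constructed stand-ins for CPLSetTLSWithFreeFunc() and CSLDestroy(). On non-Windows builds the macro is empty, so the program runs anywhere and shows the safe shape (a callback in the convention the slot expects, forwarding to the STDCALL destructor) rather than the crash.

```c
#include <stdlib.h>
#include <string.h>

/* On 32-bit Windows builds this expands to __stdcall (callee pops its
 * arguments); elsewhere it is empty and both sides share one convention. */
#if defined(_WIN32) && !defined(_WIN64)
#  define DEMO_STDCALL __stdcall
#else
#  define DEMO_STDCALL
#endif

/* Constructed stand-in for a TLS slot with a free function: the callback
 * type is plain (cdecl), so the caller pops the argument after the call. */
typedef void (*demo_free_fn)(void *);
static void *g_slot_data = NULL;
static demo_free_fn g_slot_free = NULL;
static int g_destroy_calls = 0;

static void demo_set_tls_with_free(void *data, demo_free_fn fn) { g_slot_data = data; g_slot_free = fn; }

/* Simulated thread exit: the slot calls back through the cdecl pointer. Had a
 * __stdcall function been stored here, callee and caller would both pop the
 * argument: ESP off by 4 bytes on 32-bit x86 and a bogus return address. */
static void demo_thread_exit(void) {
    if (g_slot_free != NULL && g_slot_data != NULL)
        g_slot_free(g_slot_data);
    g_slot_data = NULL; g_slot_free = NULL;
}

/* Stand-in for a STDCALL-declared list destructor such as CSLDestroy(). */
static void DEMO_STDCALL demo_list_destroy(char **list) {
    if (list == NULL) return;
    for (char **p = list; *p != NULL; ++p) free(*p);
    free(list);
    g_destroy_calls++;
}
/* Adapter in the convention the slot expects; it forwards to the STDCALL
 * destructor, so each side pops exactly what it pushed. */
static void demo_list_destroy_adapter(void *p) { demo_list_destroy((char **)p); }

/* Registers a constructed list, simulates thread exit, returns destroy count. */
int demo_run(void) {
    char **list = calloc(2, sizeof *list);     /* NULL-terminated string list */
    list[0] = malloc(10);
    strcpy(list[0], "KEY=VALUE");
    demo_set_tls_with_free(list, demo_list_destroy_adapter);
    demo_thread_exit();
    return g_destroy_calls;
}
```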