From 615f227ff486aa64602cc3c5344af7185cc295f1 Mon Sep 17 00:00:00 2001
From: Florian Fischer <florian.fl.fischer@fau.de>
Date: Wed, 4 Nov 2020 13:39:36 +0100
Subject: [PATCH] initialize the blocked context pointer to prevent undefined unblock

Not initializing blockedContext means its original value is undefined and probably some random stack value != nullptr. If the first put() is executed before the first blocking get(), put() will read a random value from blockedContext and will call unblock with this random context pointer leading to execution of random memory.
---
 emper/UnboundedBlockingMpscQueue.hpp | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/emper/UnboundedBlockingMpscQueue.hpp b/emper/UnboundedBlockingMpscQueue.hpp
index c28449ab..47dd19f6 100644
--- a/emper/UnboundedBlockingMpscQueue.hpp
+++ b/emper/UnboundedBlockingMpscQueue.hpp
@@ -11,7 +11,7 @@ class UnboundedBlockingMpscQueue : protected Logger<LogSubsystem::U_B_MPSC_Q>
 , protected Blockable {
  private:
-	std::atomic<Context*> blockedContext;
+	std::atomic<Context*> blockedContext = nullptr;
 	bool tPopped;
 	T t;
 
@@ -27,6 +27,10 @@ private:
 	}
 
 	void tryToGetElement(std::function<void(void)> postRetrieve) {
+		// tPopped indicates that 't' is a popped and usable value.
+		// Therefore if we tryToGet a new 't' while 't' is available the current 't'
+		// would be overridden and dropped.
+		assert(!tPopped);
 		std::lock_guard<std::mutex> lock(queueMutex);
 		if (!mpscQueue.empty()) {
 			t = mpscQueue.front();
-- 
GitLab
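Review bot: `bool tPopped;` on the context line directly below the new `blockedContext = nullptr;` initializer is still left without an initializer, which is the same class of defect this commit fixes for the pointer; unless a constructor outside the hunk sets it, the `assert(!tPopped)` added in the second hunk reads an indeterminate value on the first call. Giving it the same treatment, `bool tPopped = false;`, keeps the whole "nothing popped, nobody blocked" initial state explicit in one place. For the new assert in tryToGetElement note that it is compiled out under NDEBUG, so the "do not overwrite an unconsumed t" invariant is only checked in debug builds, and the header must include <cassert> for it (the include block is not in the hunk). The body of tryToGetElement continues past the end of the hunk.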