From d22893ffbad14b6cbf081b87a46578b667f4d329 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=C3=89rico=20Nogueira?=
Date: Mon, 15 Mar 2021 16:35:11 -0300
Subject: [PATCH] mbuffer: fix use-after-free.

Fixes segfault on musl when killed with SIGINT.
---
 .../0001-mbuffer-don-t-cancel-ReaderThr.patch | 33 +++++++++++++++++++
 srcpkgs/mbuffer/template | 3 +-
 2 files changed, 35 insertions(+), 1 deletion(-)
 create mode 100644 srcpkgs/mbuffer/patches/0001-mbuffer-don-t-cancel-ReaderThr.patch
diff --git a/srcpkgs/mbuffer/patches/0001-mbuffer-don-t-cancel-ReaderThr.patch b/srcpkgs/mbuffer/patches/0001-mbuffer-don-t-cancel-ReaderThr.patch
new file mode 100644
index 000000000000..1dd160547225
--- /dev/null
+++ b/srcpkgs/mbuffer/patches/0001-mbuffer-don-t-cancel-ReaderThr.patch
@@ -0,0 +1,33 @@
+Subject: [PATCH] mbuffer: don't cancel ReaderThr.
+
+joinSenders is called after ReaderThr has been joined, which makes the
+pthread_cancel call in cancelAll undefined behavior and a case of
+use-after-free. Since the thread will already have been joined in main
+by the time joinSenders is called, there is no need to cancel it, so
+that call can simply be removed.
+
+Furthermore, we don't have to account for situations where pthread_join
+can fail, because this program doesn't generate them. If there were
+other threads which tried to join readerThr at the same time, a
+successful pthread_join call should also set Status=0, so pthread_cancel
+isn't called. However, that isn't necessary.
+---
+ mbuffer.c | 2 --
+ 1 file changed, 2 deletions(-)
+
+diff --git a/mbuffer.c b/mbuffer.c
+index 79c997f..6e65277 100644
+--- a/mbuffer.c
++++ b/mbuffer.c
+@@ -166,8 +166,6 @@ static void cancelAll(void)
+ d->result = "canceled";
+ d = d->next;
+ } while (d);
+- if (Status)
+- (void) pthread_cancel(ReaderThr);
+ }
+
+
+--
+2.30.2
+
diff --git a/srcpkgs/mbuffer/template b/srcpkgs/mbuffer/template
index d3833b914ca4..fa30e2134c17 100644
--- a/srcpkgs/mbuffer/template
+++ b/srcpkgs/mbuffer/template
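Review bot: The nested `cancelAll` hunk in the added 0001-mbuffer-don-t-cancel-ReaderThr.patch drops `pthread_cancel(ReaderThr)` on the strength of an ordering guarantee (ReaderThr is already joined in main before `joinSenders` runs) that the code itself does not record. Only the tail of `cancelAll` is visible here, so its callers cannot be checked from this hunk; if any other path reaches `cancelAll` while the reader is still running, that thread is no longer stopped, so it is worth confirming that `joinSenders` is the only caller. I would document the invariant where the call used to be, e.g. `/* ReaderThr has already been joined in main(); cancelling a joined thread is undefined behaviour */`. The patch header also carries no upstream reference, so a line stating whether the fix was sent upstream would help decide when this distro-carried patch can be dropped.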
@@ -1,7 +1,7 @@
 # Template file for 'mbuffer'
 pkgname=mbuffer
 version=20210209
-revision=1
+revision=2
 build_style=gnu-configure
 makedepends="openssl-devel"
 checkdepends="tar"
@@ -11,4 +11,5 @@ license="GPL-3.0-or-later"
 homepage="https://www.maier-komor.de/mbuffer.html"
 distfiles="https://www.maier-komor.de/software/mbuffer/mbuffer-${version}.tgz"
 checksum=e81f2788e2621f20f848181ef2cb19ac6d12328691437f301574b253fd899a0c
+patch_args=-Np1
 conf_files="/etc/mbuffer.rc"