oracle - fixing memory handling error
If the memory area pointed to by table_name is too small, it is resized, multiplying its size by 2. But if this occurs, the tgt variable used in the "for" loop continues to point to a memory area which might have become invalid (because the realloc could have moved the memory somewhere else, depending on how the OS manages the memory).

To fix this, in my understanding, the tgt pointer should be readjusted to the new location pointed to by table_name.

Running valgrind without my patch (sources based on the 7.0.1 version, but the maporaclespatial.c is identical to master):

    ==1908== Invalid write of size 1
    ==1908==    at 0x4E81FEF: msSplitData (in /usr/lib/x86_64-linux-gnu/libmapserver.so.7.0.1)

Tests: runtime tested in a docker composition

Note: valgrind continues to indicate some errors related to this msSplitData() method:

    ==1945== 32,000 bytes in 1 blocks are definitely lost in loss record 264 of 268
    ==1945==    at 0x4C2AF2E: realloc (vg_replace_malloc.c:692)
    ==1945==    by 0x4EBDF4B: msSplitData (maporaclespatial.c:404)
    ==1945==    by 0x4EC90E0: msOracleSpatialLayerTranslateFilter (maporaclespatial.c:3499)

I wonder if in the context of msOracleSpatialLayerTranslateFilter(), the pointers are still valid when they are actually freed at the end of the method.
Showing 1 changed file with 2 additions and 0 deletions.
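The pattern the commit message describes, a write cursor that must be rebased after realloc, shown as an added example that is not MapServer code and not part of this commit. The function copy_growing and its parameters are hypothetical; only the doubling buffer and the tgt cursor mirror the description above.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical helper (not MapServer code): copy src into a heap buffer that
 * starts at `cap` bytes and doubles whenever it fills, dropping spaces.
 * Returns a NUL-terminated string the caller frees, or NULL on failure.
 * *grows receives the number of reallocations performed. */
char *copy_growing(const char *src, size_t cap, size_t *grows)
{
    char *buf, *tgt;

    if (cap == 0) cap = 1;
    buf = malloc(cap);
    if (buf == NULL) return NULL;
    tgt = buf;                                  /* write cursor into buf */
    *grows = 0;

    for (; *src != '\0'; src++) {
        if (*src == ' ') continue;
        /* Always keep one byte free for the terminator. */
        if ((size_t)(tgt - buf) + 1 >= cap) {
            size_t used = (size_t)(tgt - buf);  /* save the offset BEFORE realloc */
            char *tmp = realloc(buf, cap * 2);  /* tmp: buf stays valid on failure */
            if (tmp == NULL) { free(buf); return NULL; }
            buf = tmp;
            cap *= 2;
            /* Rebase the cursor. Without this line tgt may still point into
             * the block realloc released, and the next store is the kind of
             * invalid write valgrind reports. */
            tgt = buf + used;
            (*grows)++;
        }
        *tgt++ = *src;
    }
    *tgt = '\0';
    return buf;
}

int main(void)
{
    size_t grows = 0;
    char *out = copy_growing("a b c d e f g h", 2, &grows);  /* constructed input */
    if (out == NULL) return 1;
    printf("%s (%zu reallocations)\n", out, grows);
    free(out);
    return 0;
}
```

Saving the offset before the call matters because computing tgt - buf after realloc would subtract pointers into two different allocations, which is undefined.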