New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
fix for double freeing of memory. #1274
Conversation
Well, your fix broke the build, since |
I think the problem is that the loop that constructs |
I think this is a more elegant fix. assign zero after release. If you agree, I will change PR in this direction? |
On looking a bit deeper, this problem is actually quite complicated. I think a few changes may be needed to get it to work correctly in all the places where it tries to clean up after an error. In particular,
as This change will be needed in both places where the hash table inserts occur. |
I don't understand how your product works so deeply. |
Yes, the multiple exit points out of that second loop and the fact that the pointers to the reference names are shared by |
please note the |
my analysis shows that it is possible to achieve double freeing of memory. to eliminate it, I propose a simple fix.
I'm beginning to think that the best solution would be to pull the hash table filling parts into a new static inline function. It would both make the error handling easier and remove some duplication. If it took a |
Yes, there was no need to set the
|
I think you need some changes to the first loop as well, as it can still jump to |
Always break the loop instead of `goto error`, to free the kstring.
my analysis shows that it is possible to achieve double freeing of memory. to eliminate it, I propose a simple fix.