From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (qmail 10582 invoked by alias); 29 Jul 2013 16:45:35 -0000 Mailing-List: contact gdb-patches-help@sourceware.org; run by ezmlm Precedence: bulk List-Id: List-Subscribe: List-Archive: List-Post: List-Help: , Sender: gdb-patches-owner@sourceware.org Received: (qmail 10543 invoked by uid 89); 29 Jul 2013 16:45:34 -0000 X-Spam-SWARE-Status: No, score=-5.1 required=5.0 tests=AWL,BAYES_20,KHOP_THREADED,RCVD_IN_HOSTKARMA_W,RCVD_IN_HOSTKARMA_WL,RDNS_NONE,SPF_HELO_PASS,SPF_PASS autolearn=no version=3.3.1 Received: from Unknown (HELO mx1.redhat.com) (209.132.183.28) by sourceware.org (qpsmtpd/0.84/v0.84-167-ge50287c) with ESMTP; Mon, 29 Jul 2013 16:45:33 +0000 Received: from int-mx01.intmail.prod.int.phx2.redhat.com (int-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.11]) by mx1.redhat.com (8.14.4/8.14.4) with ESMTP id r6TGjQ0s017230 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK) for ; Mon, 29 Jul 2013 12:45:26 -0400 Received: from barimba.redhat.com (ovpn-113-128.phx2.redhat.com [10.3.113.128]) by int-mx01.intmail.prod.int.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id r6TGjPbE023425; Mon, 29 Jul 2013 12:45:26 -0400 From: Tom Tromey To: gdb-patches@sourceware.org Cc: Tom Tromey Subject: [PATCH 1/8] fix latent bugs in ui-out.c Date: Mon, 29 Jul 2013 16:45:00 -0000 Message-Id: <1375116324-32092-2-git-send-email-tromey@redhat.com> In-Reply-To: <1375116324-32092-1-git-send-email-tromey@redhat.com> References: <1375116324-32092-1-git-send-email-tromey@redhat.com> X-SW-Source: 2013-07/txt/msg00713.txt.bz2 The destructor code in ui-out.c has a latent bug, which is hidden by the fact that nothing uses this right now. This patch fixes the problem. The bug is that we don't always clear a pointer in the ui-out object, leading to bad a free. * ui-out.c (clear_table, ui_out_new): Clear uiout->table.id. --- gdb/ui-out.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/gdb/ui-out.c b/gdb/ui-out.c index 03b1240..3c6c529 100644 --- a/gdb/ui-out.c +++ b/gdb/ui-out.c @@ -807,8 +807,8 @@ uo_table_header (struct ui_out *uiout, int width, enum ui_align align, static void clear_table (struct ui_out *uiout) { - if (uiout->table.id) - xfree (uiout->table.id); + xfree (uiout->table.id); + uiout->table.id = NULL; clear_header_list (uiout); } @@ -1114,6 +1114,7 @@ ui_out_new (struct ui_out_impl *impl, void *data, current->field_count = 0; VEC_safe_push (ui_out_level_p, uiout->levels, current); + uiout->table.id = NULL; uiout->table.header_first = NULL; uiout->table.header_last = NULL; uiout->table.header_next = NULL; -- 1.8.1.4