From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (qmail 23636 invoked by alias); 4 Mar 2014 18:33:02 -0000 Mailing-List: contact gdb-patches-help@sourceware.org; run by ezmlm Precedence: bulk List-Id: List-Subscribe: List-Archive: List-Post: List-Help: , Sender: gdb-patches-owner@sourceware.org Received: (qmail 23507 invoked by uid 89); 4 Mar 2014 18:33:01 -0000 Authentication-Results: sourceware.org; auth=none X-Virus-Found: No X-Spam-SWARE-Status: No, score=-2.9 required=5.0 tests=AWL,BAYES_00,RP_MATCHES_RCVD,SPF_HELO_PASS,SPF_PASS autolearn=ham version=3.3.2 X-HELO: mx1.redhat.com Received: from mx1.redhat.com (HELO mx1.redhat.com) (209.132.183.28) by sourceware.org (qpsmtpd/0.93/v0.84-503-g423c35a) with ESMTP; Tue, 04 Mar 2014 18:33:00 +0000 Received: from int-mx11.intmail.prod.int.phx2.redhat.com (int-mx11.intmail.prod.int.phx2.redhat.com [10.5.11.24]) by mx1.redhat.com (8.14.4/8.14.4) with ESMTP id s24IWu3O019908 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK) for ; Tue, 4 Mar 2014 13:32:57 -0500 Received: from barimba.redhat.com (ovpn-113-183.phx2.redhat.com [10.3.113.183]) by int-mx11.intmail.prod.int.phx2.redhat.com (8.14.4/8.14.4) with ESMTP id s24IWtjU012049; Tue, 4 Mar 2014 13:32:56 -0500 From: Tom Tromey To: gdb-patches@sourceware.org Cc: Tom Tromey Subject: [RFC v5 1/8] fix latent bugs in ui-out.c Date: Tue, 04 Mar 2014 18:33:00 -0000 Message-Id: <1393957974-4521-2-git-send-email-tromey@redhat.com> In-Reply-To: <1393957974-4521-1-git-send-email-tromey@redhat.com> References: <1393957974-4521-1-git-send-email-tromey@redhat.com> X-SW-Source: 2014-03/txt/msg00083.txt.bz2 The destructor code in ui-out.c has a latent bug, which is hidden by the fact that nothing uses this right now. This patch fixes the problem. The bug is that we don't always clear a pointer in the ui-out object, leading to a bad free. 2013-10-30 Tom Tromey * ui-out.c (clear_table, ui_out_new): Clear uiout->table.id. --- gdb/ChangeLog | 4 ++++ gdb/ui-out.c | 5 +++-- 2 files changed, 7 insertions(+), 2 deletions(-) diff --git a/gdb/ui-out.c b/gdb/ui-out.c index 2edb140..63cbc6e 100644 --- a/gdb/ui-out.c +++ b/gdb/ui-out.c @@ -807,8 +807,8 @@ uo_table_header (struct ui_out *uiout, int width, enum ui_align align, static void clear_table (struct ui_out *uiout) { - if (uiout->table.id) - xfree (uiout->table.id); + xfree (uiout->table.id); + uiout->table.id = NULL; clear_header_list (uiout); } @@ -1114,6 +1114,7 @@ ui_out_new (const struct ui_out_impl *impl, void *data, current->field_count = 0; VEC_safe_push (ui_out_level_p, uiout->levels, current); + uiout->table.id = NULL; uiout->table.header_first = NULL; uiout->table.header_last = NULL; uiout->table.header_next = NULL; -- 1.8.1.4