From mboxrd@z Thu Jan 1 00:00:00 1970 From: Fernando Nasser To: Eirik Fuller Cc: Fernando Nasser , gdb-patches@sourceware.cygnus.com Subject: Re: [patch] read_command_lines can return freed memory Date: Fri, 15 Jun 2001 12:04:00 -0000 Message-id: <3B2A5C37.3668BC4B@cygnus.com> References: <3B2A2258.639532FC@redhat.com> <20010615184039.230C340014@hackrat.com> X-SW-Source: 2001-06/msg00301.html Thanks for testing it and for the test case. If you agree, I will modify your changelog entry to: 2001-06-15 Eirik Fuller * cli/cli-script.c (free_command_lines): Reset list pointer. and check the second version of the patch in. And thanks again for the bug report/fix. Regards, Fernando Eirik Fuller wrote: > > I backed out the patch to read_command_lines, confirmed that the crash > occurs again, applied the patch to free_command_lines, and confirmed > that the crash no longer occurs. > > I agree that patching free_command_lines is the right way to fix this. > > > we should think of a more contrived example to create a test case... > > Here's the simplest test case I've found which triggers the crash: > > define f0 > set $f = $arg0 > if $f[1] > if $f[2] > f2 > else > f1 > else > > You can also add stuff after the second else. As before, source that > file twice; the second time triggers the crash. It's likely that the > details of the crash (including whether it occurs at all) vary from > platform to platform; I'm using a Debian x86 system with libc6 2.2.3. > > Thanks, > Eirik -- Fernando Nasser Red Hat - Toronto E-Mail: fnasser@redhat.com 2323 Yonge Street, Suite #300 Toronto, Ontario M4P 2C9