Fix double free. #429
Merged
Fix double free. #429
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Quipyowert2
force-pushed
the
nm/fix-double-free
branch
2 times, most recently
from
06a069b
to
e70fc8e
Compare
ThomasAdam
reviewed
Feb 8, 2021
There was a problem hiding this comment.
Hi @Quipyowert2
While this is one approach, I really don't like littering the code with boolean logic as this just highlights a problem elsewhere to me -- namely that in this case, rline is a special case.
We can easily avoid using xasprintf() here if this stops this bool madness, a la strlcpy() for instance.
Quipyowert2
force-pushed
the
nm/fix-double-free
branch
from
e70fc8e
to
6a2f24e
Compare
|
I removed the boolean variable and added a check of whether |
When a command starting with an asterisk was encountered, ModuleConfig was called, which calls AddToModList which frees its argument sometimes. Then __execute_function tries to free the same pointer again. This commit fixes this by only freeing rline in AddToModList if it points at xasprintf'd memory, as freeing the memory from xasprintf won't invalidate expaction. Fixes fvwmorg#425.
Quipyowert2
force-pushed
the
nm/fix-double-free
branch
from
6a2f24e
to
c8b6e7f
Compare
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
When a command starting with an asterisk was encountered, ModuleConfig
was called, which calls AddToModList which frees its argument
sometimes. Then __execute_function tries to free the same pointer
again. This commit fixes this by only freeing rline in AddToModList if
it points at xasprintf'd memory, as freeing the memory from xasprintf
won't invalidate expaction.
Fixes #425.
Fixes a double free by conditionally freeing
rlinein AddToModList only if it doesn't point attlineanymore (by calling xasprintf).The command causing the segfault was:
*FvwmIconMan*action Mouse 1 N sendcommand "Iconify off", sendcommand "FlipFocus", sendcommand "Raise"Screenshots (if applicable)
PR acceptance criteria (reminder only, please delete once read)
Your commit message(s) are descriptive. See:
https://tbaggery.com/2008/04/19/a-note-about-git-commit-messages.html
[https://raw.githubusercontent.com/fvwmorg/fvwm3/master/doc/README]Documentation updated (where appropriate)
Style guide followed (try and match the surrounding code where possible)
All tests are passing: although this is automatic, Codacy will often
highlight additional considerations which will need to be addressed before
the PR can be merged.
Issue number(s)
If this PR addresses any issues, please ensure the appropriate commit
message(s) contains:
at the end of your commit message, where
XXXshould be replaced with therelevant issue number.
If there is more than one issue fixed then use: