[fossil-users] 2 possible bugs?

Eduardo Morras Wed, 29 May 2013 06:58:17 -0700


Hi, revising fossil code with clan analyzer, 2 possible bugs where found, from 
last trunk (     4175c90f9522299c07ae4da5d19b93a50ce5f74c 
http://www.fossil-scm.org/xfer/info/4175c90f95):


a) src/file.c line 197-201

197 if( zName!=zBuf ) free(zName);

    if( symlink(zTargetFile, zName)!=0 ){
      fossil_fatal_recursive("unable to create symlink \"%s\"", zName);
201 }

So zName may be used after free.

b) src/attach.c line 490 


490 free(zDate);
    @ <tr><th>User:</th><td>
492 hyperlink_to_user(pAttach->zUser, zDate, "</td></tr>");

Similar, zDate is used after the free.

HTH

---   ---
Eduardo Morras <[email protected]>
_______________________________________________
fossil-users mailing list
[email protected]
http://lists.fossil-scm.org:8080/cgi-bin/mailman/listinfo/fossil-users

[fossil-users] 2 possible bugs?

Reply via email to