Hi,
I have a situation in ksh93 where free() is called
on statically allocated memory and I would like to
discuss a fix.
The free() happens at the end of b_cd() in src/cmd/ksh93/bltins/cd_pwd.c:
if(*dir != '/')
return(0);
nv_putval(opwdnod,oldpwd,NV_RDONLY);
if(oldpwd)
free(oldpwd);
oldpwd points to e_dot, which is const char [].
This is the place in b_cd() where oldpwd is set from path_pwd():
oldpwd = (char*)shp->pwd;
[...]
#if _WINIX
if(*dir != '/' && (dir[1]!=':'))
#else
if(*dir != '/')
#endif /* _WINIX */
{
[...]
if(!oldpwd)
oldpwd = path_pwd(shp,1);
}
The path_pwd() is from src/cmd/ksh93/sh/path.c.
The return type of path_pwd() is char* but it can return pointers
to statically allocated memory.
In my situation on Solaris, the line
oldpwd = (char*)shp->pwd;
is changed to
oldpwd = path_pwd(shp,0);
in order to deal with different crash bug, and it is where oldpwd
gets to point to e_dot.
What's the ok fix here given what it looks like the need
to sometimes free the return values from path_pwd()
but not every time?
Tomas Klacko
_______________________________________________
ast-developers mailing list
[email protected]
http://lists.research.att.com/mailman/listinfo/ast-developers
