> On March 27, 2015, 2:11 a.m., Matt Jordan wrote: > > /branches/13/pbx/pbx_config.c, line 977 > > <https://reviewboard.asterisk.org/r/4529/diff/1/?file=72935#file72935line977> > > > > So, dup'ing things on the stack here in a nested loop is actually quite > > dangerous. Unlike a local variable with scope within the loop block, a > > variable that is allocated with one of the alloca methods (which strdupa > > should fall into) does not have its memory reclaimed when it loses block > > scope. It is only reclaimed when the stack frame returns. > > > > As such, this change could overrun the stack. > > > > Since escaped is a char *, I'd go ahead and strdup it here, and free it > > before the loop continues.
Ooh damn, you are right, missed that one. Maybe someone can come up with another way where this tmp_escaped is not necessary at all. - Diederik ----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviewboard.asterisk.org/r/4529/#review14874 ----------------------------------------------------------- On March 26, 2015, 7:03 p.m., Diederik de Groot wrote: > > ----------------------------------------------------------- > This is an automatically generated e-mail. To reply, visit: > https://reviewboard.asterisk.org/r/4529/ > ----------------------------------------------------------- > > (Updated March 26, 2015, 7:03 p.m.) > > > Review request for Asterisk Developers. > > > Bugs: ASTERISK-24917 > https://issues.asterisk.org/jira/browse/ASTERISK-24917 > > > Repository: Asterisk > > > Description > ------- > > clang's static analyzer will throw quite a number warnings / errors during > compilation, some of which can be very helpfull in finding corner-case > bugs\nclang compiler warning:-Wno-sometimes-uninitialized > > > Diffs > ----- > > /branches/13/pbx/pbx_config.c 433444 > > Diff: https://reviewboard.asterisk.org/r/4529/diff/ > > > Testing > ------- > > > Thanks, > > Diederik de Groot > >
-- _____________________________________________________________________ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- asterisk-dev mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-dev
