In the error-handling paths of notmuch_database_open, we call
notmuch_database_close, which "delete"s several objects referenced by
the notmuch_database_t object.  However, some of these pointers may be
uninitialized, resulting in undefined behavior.  Hence, allocate the
notmuch_database_t with talloc_zero to make sure these pointers are
NULL so that "delete"ing them is harmless.
---
 lib/database.cc |    2 +-
 1 files changed, 1 insertions(+), 1 deletions(-)

diff --git a/lib/database.cc b/lib/database.cc
index 8103bd9..a6d15a1 100644
--- a/lib/database.cc
+++ b/lib/database.cc
@@ -617,7 +617,7 @@ notmuch_database_open (const char *path,
        initialized = 1;
     }

-    notmuch = talloc (NULL, notmuch_database_t);
+    notmuch = talloc_zero (NULL, notmuch_database_t);
     notmuch->exception_reported = FALSE;
     notmuch->path = talloc_strdup (notmuch, path);

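Review bot: the pointer returned by talloc_zero is dereferenced on the next line (notmuch->exception_reported = FALSE) with no NULL check, so an allocation failure would crash here before any error path runs. Consider testing notmuch right after the allocation and returning early on failure. Separately, with the structure now zero-filled, the explicit exception_reported = FALSE assignment is redundant; it is harmless to keep for readability, but a short comment on the talloc_zero line saying that notmuch_database_close relies on the unset members being NULL would stop a later cleanup from switching it back to talloc.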
-- 
1.7.7.3
