I just hit this and evoked a segfault. It'd be nice to find a way to provoke this failure so I can add a test case, but I'm not going to try very hard.
>From db229537339468b5d596c2020705520d379c162c Mon Sep 17 00:00:00 2001 From: Jim Meyering <[email protected]> Date: Sat, 12 Dec 2009 18:31:04 +0100 Subject: [PATCH] ui: mkpart: avoid double free * parted/parted.c (do_mkpart): This function frees "part_name" immediately after the final use, but also upon e.g., ped_disk_commit failure. Set part_name to NULL after the first free, to make the second a no-op after the first. --- parted/parted.c | 3 ++- 1 files changed, 2 insertions(+), 1 deletions(-) diff --git a/parted/parted.c b/parted/parted.c index dba376d..6919701 100644 --- a/parted/parted.c +++ b/parted/parted.c @@ -878,7 +878,8 @@ do_mkpart (PedDevice** dev) /* set minor attributes */ if (part_name) PED_ASSERT (ped_partition_set_name (part, part_name), return 0); - free (part_name); + free (part_name); /* avoid double-free upon failure */ + part_name = NULL; if (!ped_partition_set_system (part, fs_type)) goto error_destroy_disk; if (ped_partition_is_flag_available (part, PED_PARTITION_LBA)) -- 1.6.6.rc2.275.g51e2d _______________________________________________ parted-devel mailing list [email protected] http://lists.alioth.debian.org/mailman/listinfo/parted-devel
