[fossil-users] 2 possible bugs?

2013-05-29 Thread Eduardo Morras 


Hi, revising fossil code with clan analyzer, 2 possible bugs where found, from 
last trunk ( 4175c90f9522299c07ae4da5d19b93a50ce5f74c 
http://www.fossil-scm.org/xfer/info/4175c90f95):

a) src/file.c line 197-201

197 if( zName!=zBuf ) free(zName);

if( symlink(zTargetFile, zName)!=0 ){
  fossil_fatal_recursive(unable to create symlink \%s\, zName);
201 }

So zName may be used after free.

b) src/attach.c line 490 


490 free(zDate);
@ trthUser:/thtd
492 hyperlink_to_user(pAttach-zUser, zDate, /td/tr);

Similar, zDate is used after the free.

HTH

---   ---
Eduardo Morras emorr...@yahoo.es
___
fossil-users mailing list
fossil-users@lists.fossil-scm.org
http://lists.fossil-scm.org:8080/cgi-bin/mailman/listinfo/fossil-users

Re: [fossil-users] 2 possible bugs?

2013-05-29 Thread Stephan Beal 
On Wed, May 29, 2013 at 3:57 PM, Eduardo Morras emorr...@yahoo.es wrote:

 a) src/file.c line 197-201
 b) src/attach.c line 490


Man, he's fast - i was about to commit these fixes, but Richard beat me to
it:
http://www.fossil-scm.org/xfer/info/04ab1af3e0

Thanks for the report!

-- 
- stephan beal
http://wanderinghorse.net/home/stephan/
http://gplus.to/sgbeal
___
fossil-users mailing list
fossil-users@lists.fossil-scm.org
http://lists.fossil-scm.org:8080/cgi-bin/mailman/listinfo/fossil-users