Re: r22240 - gnucash/branches/2.4/src/app-utils - Fix a double free crash when the required features dialog is shown
On 26-06-12 19:28, John Ralls wrote: From: Geert Janssensgjanss...@code.gnucash.org To: gnucash-patc...@gnucash.org Subject: r22240 - gnucash/branches/2.4/src/app-utils - Fix a double free crash when the required features dialog is shown Message-ID:201206252054.q5pksuc9008...@code.gnucash.org Content-Type: text/plain; charset=UTF-8 Author: gjanssens Date: 2012-06-25 16:54:55 -0400 (Mon, 25 Jun 2012) New Revision: 22240 Trac: http://svn.gnucash.org/trac/changeset/22240 Modified: gnucash/branches/2.4/src/app-utils/gnc-features.c Log: Fix a double free crash when the required features dialog is shown Geert, This doesn't make sense to me. msg is allocated with a starting value, then the relevant feature names are added one at a time in the for loop, allocating a new string each time. Where is msg getting double-freed? ISTM your change will leak all of the strings except the last one. There is still a g_free(msg) inside the for loop, though it's not visible in the patch only. The msg free I removed is outside the for-loop, and frees msg two lines before it is returned to the calling function. The calling function also calls a free - double free. Geert ___ gnucash-devel mailing list gnucash-devel@gnucash.org https://lists.gnucash.org/mailman/listinfo/gnucash-devel
Re: r22240 - gnucash/branches/2.4/src/app-utils - Fix a double free crash when the required features dialog is shown
On Jun 26, 2012, at 10:00 PM, Geert Janssens wrote: On 26-06-12 19:28, John Ralls wrote: From: Geert Janssensgjanss...@code.gnucash.org To: gnucash-patc...@gnucash.org Subject: r22240 - gnucash/branches/2.4/src/app-utils - Fix a double free crash when the required features dialog is shown Message-ID:201206252054.q5pksuc9008...@code.gnucash.org Content-Type: text/plain; charset=UTF-8 Author: gjanssens Date: 2012-06-25 16:54:55 -0400 (Mon, 25 Jun 2012) New Revision: 22240 Trac: http://svn.gnucash.org/trac/changeset/22240 Modified: gnucash/branches/2.4/src/app-utils/gnc-features.c Log: Fix a double free crash when the required features dialog is shown Geert, This doesn't make sense to me. msg is allocated with a starting value, then the relevant feature names are added one at a time in the for loop, allocating a new string each time. Where is msg getting double-freed? ISTM your change will leak all of the strings except the last one. There is still a g_free(msg) inside the for loop, though it's not visible in the patch only. The msg free I removed is outside the for-loop, and frees msg two lines before it is returned to the calling function. The calling function also calls a free - double free. OIC. Thanks. Regards, John Ralls ___ gnucash-devel mailing list gnucash-devel@gnucash.org https://lists.gnucash.org/mailman/listinfo/gnucash-devel
