Author: coreyfarrell Date: Thu Nov 6 03:05:18 2014 New Revision: 427380 URL: http://svnview.digium.com/svn/asterisk?view=rev&rev=427380 Log: Fix unintential memory retention in stringfields.
* Fix missing / unreachable calls to __ast_string_field_release_active. * Reset pool->used to zero when the current pool->active reaches zero. ASTERISK-24307 #close Reported by: Etienne Lessard Tested by: ibercom, Etienne Lessard Review: https://reviewboard.asterisk.org/r/4114/ Modified: branches/1.8/include/asterisk/stringfields.h branches/1.8/main/utils.c Modified: branches/1.8/include/asterisk/stringfields.h URL: http://svnview.digium.com/svn/asterisk/branches/1.8/include/asterisk/stringfields.h?view=diff&rev=427380&r1=427379&r2=427380 ============================================================================== --- branches/1.8/include/asterisk/stringfields.h (original) +++ branches/1.8/include/asterisk/stringfields.h Thu Nov 6 03:05:18 2014 @@ -319,14 +319,16 @@ const char *__d__ = (data); \ size_t __dlen__ = (__d__) ? strlen(__d__) + 1 : 1; \ ast_string_field *__p__ = (ast_string_field *) (ptr); \ + ast_string_field target = *__p__; \ if (__dlen__ == 1) { \ __ast_string_field_release_active((x)->__field_mgr_pool, *__p__); \ *__p__ = __ast_string_field_empty; \ } else if ((__dlen__ <= AST_STRING_FIELD_ALLOCATION(*__p__)) || \ (!__ast_string_field_ptr_grow(&(x)->__field_mgr, &(x)->__field_mgr_pool, __dlen__, __p__)) || \ - (*__p__ = __ast_string_field_alloc_space(&(x)->__field_mgr, &(x)->__field_mgr_pool, __dlen__))) { \ - if (*__p__ != (*ptr)) { \ - __ast_string_field_release_active((x)->__field_mgr_pool, (*ptr)); \ + (target = __ast_string_field_alloc_space(&(x)->__field_mgr, &(x)->__field_mgr_pool, __dlen__))) { \ + if (target != *__p__) { \ + __ast_string_field_release_active((x)->__field_mgr_pool, *__p__); \ + *__p__ = target; \ } \ memcpy(* (void **) __p__, __d__, __dlen__); \ } \ Modified: branches/1.8/main/utils.c URL: http://svnview.digium.com/svn/asterisk/branches/1.8/main/utils.c?view=diff&rev=427380&r1=427379&r2=427380 ============================================================================== --- branches/1.8/main/utils.c (original) +++ branches/1.8/main/utils.c Thu Nov 6 03:05:18 2014 @@ -1919,9 +1919,13 @@ for (pool = pool_head, prev = NULL; pool; prev = pool, pool = pool->prev) { if ((ptr >= pool->base) && (ptr <= (pool->base + pool->size))) { pool->active -= AST_STRING_FIELD_ALLOCATION(ptr); - if ((pool->active == 0) && prev) { - prev->prev = pool->prev; - ast_free(pool); + if (pool->active == 0) { + if (prev) { + prev->prev = pool->prev; + ast_free(pool); + } else { + pool->used = 0; + } } break; } @@ -1964,6 +1968,11 @@ res = vsnprintf(target, available, format, ap1); if (res < 0) { /* Are we out of memory? */ + return; + } + if (res == 0) { + __ast_string_field_release_active(*pool_head, *ptr); + *ptr = __ast_string_field_empty; return; } needed = (size_t)res + 1; /* NUL byte */ -- _____________________________________________________________________ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- svn-commits mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/svn-commits
