Hi everyone (again),

An evening of debugging several errors we lately received in qmailadmin
led me to this bug in vpopmail itself. We always got a blank screen
while adding the first forward to a domain. The forward was created,
however, the Apache logs also showed a double `free()'. Adding new
forwards after this first one went okay, without any hassles.

After some debugging, I came upon vpopmail's `vpalias.c'. Inside the
function `valias_select_names' a `realloc()' is done after the
while-loop, to decrease the number of slots inside the array to the
actually used slots. Good thing: clearing up your garbage; however, what
if `num_names' is zero -- as in our case, when there is no forward yet?

`realloc()'s behavior in this case is defined as [1]:

> In case that the size is 0, the memory previously allocated in ptr is 
> deallocated as if a call to free was made, and a NULL pointer is returned.

Since the function was called earlier, `names' was indeed pointing to
some area of memory. So `realloc()' free()'d that, and returned NULL.

The check following the `realloc()' indeed checks whether it is
NULL or not; if not, it resets `names' to the address returned by
`realloc()'.

This is where it goes wrong: `names' is still pointing to that freed
amount of memory.

A fix: checking whether `num_names != 0' (but that will not shrink the
array), or -- it's late so I haven't checked -- just sticking
`realloc()'s return address directly into `names'.

Hope it's all clear, and somebody can do something with it :].

-- 
Kind regards,
Harm van Tilborg
Tiscom Hosting B.V.

[1] http://www.cplusplus.com/reference/clibrary/cstdlib/realloc/
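Added example, not vpopmail's code: a simplified stand-in for the "fill an over-sized array, then shrink it with realloc()" pattern the post describes in `valias_select_names', showing how to handle the zero-count case without leaving a dangling pointer. The names `collect_names', `src' and `cap' and the sample inputs are constructed for this illustration.

```c
#include <stdlib.h>
#include <stdio.h>
#include <string.h>

/* Added example, not vpopmail's code: a simplified stand-in for the
 * "fill an over-sized array, then shrink it with realloc()" pattern the
 * post describes in valias_select_names(). 'src'/'cap' are constructed.
 *
 * The shape that dangles when num_names == 0 (the qmailadmin case):
 *     tmp = realloc(names, num_names * sizeof(char *));
 *     if (tmp != NULL) names = tmp;
 * A size-0 realloc() may free 'names' and return NULL; the NULL check then
 * keeps the stale pointer and a later free() frees the block twice. */
const char **collect_names(const char *const *src, size_t cap, size_t *num_names)
{
    const char **names = calloc(cap, sizeof *names);   /* over-sized: 'cap' slots */
    size_t n = 0;
    if (names == NULL) { *num_names = 0; return NULL; }

    for (size_t i = 0; i < cap; i++)     /* stands in for the while-loop */
        if (src[i] != NULL)
            names[n++] = src[i];

    if (n == 0) {                         /* never hand a size of 0 to realloc() */
        free(names);                      /* exactly one free; pointer not reused */
        *num_names = 0;
        return NULL;                      /* caller sees "no names", nothing dangles */
    }

    const char **tmp = realloc(names, n * sizeof *names);   /* n > 0 here */
    if (tmp != NULL)
        names = tmp;                      /* on failure the old, larger block is still valid */
    *num_names = n;
    return names;                         /* caller owns it; free(NULL) is a no-op for the empty case */
}

int main(void)
{
    const char *none[3] = { NULL, NULL, NULL };        /* constructed: no forwards yet */
    const char *some[3] = { "info", NULL, "sales" };   /* constructed: two forwards */
    size_t n;
    const char **a = collect_names(none, 3, &n);
    printf("empty: %zu names, %s\n", n, a == NULL ? "NULL" : "non-NULL");
    free((void *)a);
    const char **b = collect_names(some, 3, &n);
    printf("filled: %zu names, first \"%s\"\n", n, b[0]);
    free((void *)b);
    return 0;
}
```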
