This is the mail archive of the gdb-patches@sourceware.org mailing list for the GDB project.
Index Nav: | [Date Index] [Subject Index] [Author Index] [Thread Index] | |
---|---|---|
Message Nav: | [Date Prev] [Date Next] | [Thread Prev] [Thread Next] |
Other format: | [Raw text] |
On Sunday 27 February 2011 00:30:38, Michael Snyder wrote:Found by coverity.
Do you try running coverity on your patches?
@@ -367,6 +367,7 @@ handle_pwrite (char *own_buf, int packet || require_data (p, packet_len - (p - own_buf), &data, &len)) { hostio_packet_error (own_buf); + free (data); return; }
This is wrong. If any predicate other than require_data in if above returned true, then you'll be freeing a garbage pointer. I'd fix this in require_data ... just free the output buffer when returning error, so the callers never have to.
2011-02-27 Michael Snyder <msnyder@vmware.com> * hostio.c (require_data): Free malloc memory before returning error. Index: hostio.c =================================================================== RCS file: /cvs/src/src/gdb/gdbserver/hostio.c,v retrieving revision 1.11 diff -u -p -u -p -r1.11 hostio.c --- hostio.c 1 Jan 2011 15:33:24 -0000 1.11 +++ hostio.c 27 Feb 2011 21:48:00 -0000 @@ -134,7 +134,10 @@ require_data (char *p, int p_len, char * } if (escaped) - return -1; + { + xfree (data); + return -1; + } *data_len = output_index; return 0;
Index Nav: | [Date Index] [Subject Index] [Author Index] [Thread Index] | |
---|---|---|
Message Nav: | [Date Prev] [Date Next] | [Thread Prev] [Thread Next] |