[patch] null after free

Havoc Pennington hp at redhat.com
Sat Oct 2 22:59:19 UTC 2004


On Fri, 2004-10-01 at 16:42 -0400, John (J5) Palmieri wrote:
> An unfortunate breakage in glibc's getgrouplist function led me to this
> bug in a rarely used error code path.  Basically on errors in the
> fill_user_info function there is a double free of the info structure.  I
> have a quick fix which nulls out the structure after the free.  This
> ensures that double frees don't crash dbus.  This however is a bandaid
> and we need to look at why the double free is happening and to determine
> which of the frees is the correct one. 
> 
> The glibc guys took care of the glib bug so no worries there.
> 

OK, we should really figure out the real bug instead of applying the
bandaid - valgrind should spell it out for you, I would think, if you
can reproduce.

Havoc
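
An added illustration, not part of the original message and not dbus code: a minimal C model of the situation discussed in the thread, where a failed fill_user_info cleans up after itself and the caller's error path cleans up again. Only the function name fill_user_info comes from the thread; the structure layout, the fail_groups switch and the other helper names are hypothetical.

```c
#include <stdlib.h>
#include <string.h>

/* Hypothetical stand-in for the info structure; not the dbus definition. */
typedef struct { char *username; unsigned long *group_ids; } user_info;

static int real_frees; /* number of non-NULL pointers handed to free() */

static void counted_free(void *p) { if (p) { real_frees++; free(p); } }

/* The band-aid: NULL each pointer after freeing it, so running the
 * cleanup a second time degrades to free(NULL), a defined no-op. */
static void user_info_free(user_info *info) {
    counted_free(info->username);  info->username = NULL;
    counted_free(info->group_ids); info->group_ids = NULL;
}

/* Fills info and, on failure, releases its own partial state.
 * fail_groups simulates the group lookup failing (constructed input). */
static int fill_user_info(user_info *info, const char *name, int fail_groups) {
    size_t len = strlen(name) + 1;
    info->group_ids = NULL;
    info->username = malloc(len);
    if (!info->username) return 0;
    memcpy(info->username, name, len);
    if (!fail_groups) info->group_ids = calloc(4, sizeof *info->group_ids);
    if (!info->group_ids) { user_info_free(info); return 0; }
    return 1;
}

/* Caller that cleans up unconditionally. After a failed fill this is the
 * second cleanup; it is harmless only because the pointers were NULLed. */
int lookup_redundant_cleanup(const char *name, int fail_groups) {
    user_info info;
    real_frees = 0;
    (void)fill_user_info(&info, name, fail_groups);
    user_info_free(&info);
    return real_frees;
}

/* Single owner: the callee owns failure cleanup, the caller frees on success. */
int lookup_single_owner(const char *name, int fail_groups) {
    user_info info;
    real_frees = 0;
    if (fill_user_info(&info, name, fail_groups)) user_info_free(&info);
    return real_frees;
}

int main(void) { return lookup_redundant_cleanup("j5", 1) == lookup_single_owner("j5", 1) ? 0 : 1; }
```

With the two NULL assignments removed, lookup_redundant_cleanup frees username twice on the failure path, which is the kind of error valgrind's memcheck reports as an invalid free.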



