glib bindings crash with many out params

Jonathan Matthew jonathan at kaolin.hn.org
Sun Apr 24 17:20:34 PDT 2005


Hi,

In messing around with dbus and its glib bindings, I noticed that the
glib bindings crash if there are more than a couple of 'out' parameters
on a method.

invoke_object_method records the address of elements it adds to a
GArray, but if there are more elements than will fit in the initial
allocated size, the array reallocs itself and the elements move, leaving
references to freed memory.

The trivial fix is to make the array big enough before adding anything to
it.  Patch attached.

enjoy,
-jonathan.
-------------- next part --------------
--- dbus-0.32/glib/dbus-gobject.c	2005-04-25 10:04:36.000000000 +1000
+++ dbus-0.32-orig/glib/dbus-gobject.c	2005-04-25 10:03:23.000000000 +1000
@@ -802,7 +802,7 @@
    * to each of those values, and append to the invocation,
    * so the method can return the OUT parameters.
    */
-  out_param_values = g_array_sized_new (FALSE, TRUE, sizeof (DBusBasicGValue), out_signature_len);
+  out_param_values = g_array_new (FALSE, TRUE, sizeof (DBusBasicGValue));
   for (i = 0; i < out_signature_len; i++)
     {
       GValue value = {0, };
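Review bot: the old and new sides of this diff look swapped. The `---` file is dbus-0.32 and the `+++` file is dbus-0.32-orig, so the hunk as posted removes the g_array_sized_new call that passes out_signature_len and adds the unsized g_array_new, which is the opposite of the fix described in the message. Regenerate it with the original tree first, or apply it with patch -R. Separately, pre-sizing only keeps the recorded element addresses valid while the loop appends no more than out_signature_len elements; a short comment above the g_array_sized_new line saying that the reservation is what keeps those pointers stable would help prevent a later change from reintroducing the crash.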

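The failure mode described in the message, as an added example that is not part of the original post or of the dbus code: a minimal growable array (the hypothetical `vec`, standing in for GArray) hands out element addresses while it is appended to, and `count_stale_addresses` reports how many of those addresses no longer match their element afterwards, with and without reserving capacity first. It assumes growth by copy into a fresh block so the move is guaranteed; a realloc-based array such as GArray may or may not move on any given growth.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical stand-in for GArray: growth always copies into a new block,
 * so every growth moves the elements (realloc may or may not). */
typedef struct { double *data; size_t len, cap; } vec;

static void vec_reserve(vec *v, size_t cap) {
    if (cap <= v->cap) return;
    double *n = malloc(cap * sizeof *n);
    if (!n) abort();
    if (v->len) memcpy(n, v->data, v->len * sizeof *n);
    free(v->data);               /* old element addresses are now dangling */
    v->data = n;
    v->cap = cap;
}

/* Append x and return the address of the stored element. */
static double *vec_append(vec *v, double x) {
    if (v->len == v->cap) vec_reserve(v, v->cap ? v->cap * 2 : 2);
    v->data[v->len] = x;
    return &v->data[v->len++];
}

/* Append n elements, saving each element's address (as an integer, so nothing
 * dangling is dereferenced). Returns how many saved addresses no longer
 * point at their element once all appends are done. */
size_t count_stale_addresses(size_t n, int presize) {
    vec v = {0};
    size_t stale = 0;
    uintptr_t *saved = malloc(n * sizeof *saved);
    if (!saved) abort();
    if (presize) vec_reserve(&v, n);   /* the fix: reserve before appending */
    for (size_t i = 0; i < n; i++)
        saved[i] = (uintptr_t)vec_append(&v, (double)i);
    for (size_t i = 0; i < n; i++)
        if (saved[i] != (uintptr_t)&v.data[i]) stale++;
    free(v.data);
    free(saved);
    return stale;
}

int main(void) {
    printf("unsized:  %zu stale addresses\n", count_stale_addresses(8, 0));
    printf("presized: %zu stale addresses\n", count_stale_addresses(8, 1));
    return 0;
}
```

Storing element indices instead of addresses, and resolving them only after the last append, removes the dependency on the reservation being large enough.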
