[patch] null after free
Havoc Pennington
hp at redhat.com
Sat Oct 2 22:59:19 UTC 2004
On Fri, 2004-10-01 at 16:42 -0400, John (J5) Palmieri wrote:
> An unfortunate breakage in glibc's getgrouplist function led me to this
> bug in a rarely used error code path. Basically on errors in the
> fill_user_info function there is a double free of the info structure. I
> have a quick fix which nulls out the structure after the free. This
> ensures that double frees don't crash dbus. This however is a bandaid
> and we need to look at why the double free is happening and to determine
> which of the frees is the correct one.
>
> The glibc guys took care of the glib bug so no worries there.
>
OK, we should really figure out the real bug instead of applying the
bandaid - valgrind should spell it out for you, I would think, if you
can reproduce.
Havoc
More information about the dbus
mailing list