[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [bug-gawk] Variable double free bug.
|
From: |
Aharon Robbins |
|
Subject: |
Re: [bug-gawk] Variable double free bug. |
|
Date: |
Thu, 14 Jan 2016 20:58:39 +0200 |
|
User-agent: |
Heirloom mailx 12.5 6/20/10 |
Hi.
> From: ruyk <address@hidden>
> To: address@hidden
> Date: Thu, 14 Jan 2016 02:43:06 +0300
> Subject: [bug-gawk] Variable double free bug.
>
> Hello.
>
> I notice that scince this commit 566df675d8a6bb0c632231abe2e7573ce9f9541d
> gawk can terminate ubnormally on some sort of scripts.
>
> For example:
>
> ---
> #!/usr/bin/gawk -f
> BEGIN {
>
> for (i = 0; i < 100; i++)
> func_exec()
> }
>
> function func_exec(opaque)
> {
> func_a(1, opaque) #set additional argument, not expected by fname
> }
>
> function func_a(a, b, loc1, loc2)
> {
> b = 0 #unref Nnull_string
> }
Thanks for this report. Unfortunately, your fix is not correct; it
breaks one of the tests in the test suite. But you were in the
right neighborhood. :-) Here is the correct fix, which I have applied
and pushed out.
Arnold
----------------------------------
diff --git a/eval.c b/eval.c
index 05924cd..291d084 100644
--- a/eval.c
+++ b/eval.c
@@ -1154,7 +1154,7 @@ r_get_lhs(NODE *n, bool reference)
array_vname(n));
if (n->orig_array->type != Node_var) {
n->orig_array->type = Node_var;
- n->orig_array->var_value = Nnull_string;
+ n->orig_array->var_value = dupnode(Nnull_string);
}
/* fall through */
case Node_var_new: