xgnokii fix
From: Josef Zlomek
Subject: xgnokii fix
Date: Sun, 22 Jun 2003 09:39:53 +0200
User-agent: Mutt/1.4i
Hi,
there is a bug in xgnokii (0.5.2 and CVS):
when SMS reading is activated and I delete some message
xgnokii segfaults because of freeing already freed memory.
It also accessed freed memory when simply using the SMS list.
I have found by valgrind where the affected memory is freed,
and when I deleted the g_free call valgrind reported no new
memory leak.
The patch is attached.
BTW: valgrind reports many other errors like reading a byte after the end of
allocated memory but that does not hurt me much:
==27056== Invalid read of size 1
==27056== at 0x4024DFAC: IncomingPhonebook (nk6100.c:845)
==27056== by 0x4022CBBA: sm_incoming_function (gsm-statemachine.c:122)
==27056== by 0x4025A6A8: fbus_rx_statemachine (fbus.c:360)
==27056== by 0x4025A742: fbus_loop (fbus.c:386)
==27056== by 0x4022CA73: gn_sm_loop (gsm-statemachine.c:69)
==27056== by 0x4022D071: __sm_block_timeout (gsm-statemachine.c:247)
==27056== Address 0x42AC1CE8 is 1 bytes after a block of size 23 alloc'd
==27056== at 0x401634BA: realloc (in /usr/lib/valgrind/valgrind.so)
==27056== by 0x4025A5F2: fbus_rx_statemachine (fbus.c:340)
==27056== by 0x4025A742: fbus_loop (fbus.c:386)
==27056== by 0x4022CA73: gn_sm_loop (gsm-statemachine.c:69)
==27056== by 0x4022D071: __sm_block_timeout (gsm-statemachine.c:247)
==27056== by 0x4022D0FE: sm_block_timeout (gsm-statemachine.c:262)
Regards,
Josef
2003-06-22 Josef Zlomek <address@hidden>
* xgnokii/xgnokii_lowlevel.c (RefreshSMS): Do not free msg.
Index: xgnokii_lowlevel.c
===================================================================
RCS file: /cvsroot/gnokii/gnokii/xgnokii/xgnokii_lowlevel.c,v
retrieving revision 1.78
diff -c -3 -p -r1.78 xgnokii_lowlevel.c
*** xgnokii_lowlevel.c 26 Feb 2003 00:15:53 -0000 1.78
--- xgnokii_lowlevel.c 22 Jun 2003 07:25:05 -0000
*************** static void RefreshSMS(const gint number
*** 432,438 ****
if (phoneMonitor.sms.number == number) {
g_free(list);
g_free(fld);
- g_free(msg);
return;
}
} else if (error == GN_ERR_INVALIDLOCATION) { /* All
positions are read */
--- 432,437 ----
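Review bot: in the early-return branch under "if (phoneMonitor.sms.number == number)", nothing says who owns msg once "g_free(msg);" is gone while "g_free(list);" and "g_free(fld);" stay, so the next reader will see an apparent leak and may put the call back. Please add a comment at that return naming the owner of msg (the report says the SMS list still reads this memory), and check the other exits of RefreshSMS, starting with the GN_ERR_INVALIDLOCATION branch just below, for the same free. If msg is not handed over on every path that reaches this return, removing the free unconditionally turns the double free into a leak on those paths; setting msg to NULL at the point where ownership is transferred and leaving the g_free in place would cover both cases without depending on a single valgrind run.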