Bug#264884: globfree() double-frees

To: Jeff Licquia <licquia@progeny.com>, 264884@bugs.debian.org
Subject: Bug#264884: globfree() double-frees
From: GOTO Masanori <gotom@debian.or.jp>
Date: Fri, 13 Aug 2004 21:40:09 +0900
Message-id: <[🔎] 81r7qb43fa.wl@omega.webmasters.gr.jp>
Reply-to: GOTO Masanori <gotom@debian.or.jp>, 264884@bugs.debian.org
In-reply-to: <[🔎] 1092166421.2750.10.camel@laptop1>
References: <[🔎] 1092166421.2750.10.camel@laptop1>

Hi,

At Tue, 10 Aug 2004 14:33:42 -0500,
Jeff Licquia wrote:
> Certain kinds of problems in glob() result in a GLOB_ABORTED return
> value.  In these circumstances, the glob_t passed in is likely to
> contain partial results (per POSIX), and thus, globfree() needs to be
> called to prevent a memory leak.

What's the essential point of /tset/LSB.os/genuts/glob/T.glob 30 ?

> Unfortunately, glob() itself calls globfree() under certain
> circumstances.  Calling globfree() again (which is legal and in fact
> mandated under POSIX) causes certain portions of the structure to be
> double-freed.  Under many circumstances, this results in infinite loops
> or SIGSEGV during the next malloc.

Which documentation (and line number) is "mandated under POSIX"
described?

Regards,
-- gotom

Reply to:

Follow-Ups:
- Bug#264884: globfree() double-frees
  - From: Jeff Licquia <licquia@progeny.com>

References:
- Bug#264884: globfree() double-frees
  - From: Jeff Licquia <licquia@progeny.com>

Prev by Date: Bug#265486: Upgrade breaks system
Next by Date: Bug#265486: Something's broken
Previous by thread: Bug#264884: globfree() double-frees
Next by thread: Bug#264884: globfree() double-frees
Index(es):
- Date
- Thread