[prev in list] [next in list] [prev in thread] [next in thread]
List: openbsd-tech
Subject: Re: Patch for memory leak in snmpd/parse.y
From: "Matthew Dempsky" <matthew () dempsky ! org>
Date: 2008-02-23 23:20:03
Message-ID: d791b8790802231520j4e21d827h267e2ef9994e7358 () mail ! gmail ! com
[Download RAW message or body]
On 2/23/08, Claudio Jeker <cjeker@diehard.n-r-g.com> wrote:
> Please use
> while ((h = TAILQ_FIRST(&al)) != NULL) {
> TAILQ_REMOVE(&al, h, entry);
> free(h);
> }
> to free the list. Your solution scares me to death -- it may be fine in
> this case but it will return a corrupt TAILQ head node and if al would be
> reused it would cause a use-after-free.
> Don't put bad examples into the tree because somebody may copy it.
Sorry, you're right. I've not used the queue(3) functions much, and
the patch I submitted is derived from the "Faster TailQ Deletion."
code sample I found in OS X's queue(3) man pages, but I missed the
final TAILQ_INIT call. (Of course, I should have checked OpenBSD's.)
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic