Publisher double free on create


cmorgan
 

Hi,

 

I think I found an issue with publisher create. On the error paths in _createByIndex, the function mamaPublisherImpl_cleanup(impl) is called and then the impl is immediately freed after but mamaPublisherImpl_cleanup(impl) also calls free on the impl as well. mamaPublisherImpl_cleanup was introduce in the publisher event feature, I believe, and is used as a publisher destroy.  Should the mamaPublisherImpl_cleanup function free the impl parameter or should create not free the impl on error paths?

 

Chris Morgan


Frank Quinn <f.quinn@...>
 

Hi Chris,

 

Yeah that’s definitely an issue – happens in two places too and looks like there’s another issue in a section below it where it will be accessed after the free. I went ahead and raised https://github.com/OpenMAMA/OpenMAMA/issues/168 to track this - if you want to submit a patch you can work away, otherwise we’ll get it fixed when we get a chance.


Cheers,

Frank

 

From: openmama-dev-bounces@... [mailto:openmama-dev-bounces@...] On Behalf Of Christopher Morgan
Sent: 04 May 2016 21:35
To: openmama-dev@...
Subject: [Openmama-dev] Publisher double free on create

 

Hi,

 

I think I found an issue with publisher create. On the error paths in _createByIndex, the function mamaPublisherImpl_cleanup(impl) is called and then the impl is immediately freed after but mamaPublisherImpl_cleanup(impl) also calls free on the impl as well. mamaPublisherImpl_cleanup was introduce in the publisher event feature, I believe, and is used as a publisher destroy.  Should the mamaPublisherImpl_cleanup function free the impl parameter or should create not free the impl on error paths?

 

Chris Morgan


The information contained in this message may be privileged and confidential and protected from disclosure. If the reader of this message is not the intended recipient, you are hereby notified that any dissemination, distribution or copying of this communication is strictly prohibited. If you have received this communication in error, please notify us immediately by replying to this message and deleting it from your computer. Thank you. SR Labs LLC