
On Mon, Dec 6, 2010 at 8:15 AM, Mike Frysinger vapier@gentoo.org wrote:
On Sunday, December 05, 2010 04:18:44 Luigi 'Comio' Mantellini wrote:
On structure initialization, the LZMA code tries to free the dictionary and probs buffers even when these are null pointers. Add some checks in order to prevent the free on null pointers.
your patch only checks p->probs, not any dictionary buffer. if you follow the code path:
...
void LzmaDec_FreeProbs(CLzmaDec *p, ISzAlloc *alloc)
{
  alloc->Free(alloc, p->probs);
  p->probs = 0;
}
...
g_Alloc.Free = SzFree;
...
static void SzFree(void *p, void *address) { p = p; free(address); }
...
this only ends up doing free(p->probs) which is free(NULL) which isn't a bug.
In general I prefer to avoid freeing a null pointer, and I consider a free on a non-malloc'ed pointer a bug. The submitted patch checks the pointers (p->probs and p->dict) only at init time. This is sufficient to avoid the free(NULL). The other *Free(*) calls are all called on pointers that are surely not null.
The second way would be to add the null check into the FreeProbs and FreeDict functions.
best regards,
luigi
so you're going to need to provide some more details.
-mike
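The two behaviours discussed in this thread, as an added example that is not part of the original messages or of the LZMA/U-Boot code. DemoDec, DemoAlloc, the counters and the guarded flag are simplified, hypothetical stand-ins; the program counts how many NULL pointers reach the allocator's Free callback with and without the null check in the Free helpers.

```c
#include <stdio.h>
#include <stdlib.h>

/* Hypothetical stand-ins modelled on the quoted snippet, not the SDK types. */
typedef struct DemoAlloc {
    void *(*Alloc)(struct DemoAlloc *a, size_t size);
    void (*Free)(struct DemoAlloc *a, void *address);
    unsigned null_frees;   /* Free() calls that received NULL */
    unsigned real_frees;   /* Free() calls that received a live buffer */
} DemoAlloc;

typedef struct { unsigned char *probs; unsigned char *dict; } DemoDec;

static void *demo_alloc(DemoAlloc *a, size_t size) { (void)a; return malloc(size); }

static void demo_free(DemoAlloc *a, void *address)
{
    if (address == NULL) a->null_frees++; else a->real_frees++;
    free(address);   /* ISO C defines free(NULL) as a no-op */
}

/* guarded == 0: always call Free, as in the quoted LzmaDec_FreeProbs.
   guarded != 0: the null check placed inside the Free helper. */
static void free_probs(DemoDec *p, DemoAlloc *a, int guarded)
{
    if (guarded && p->probs == NULL) return;
    a->Free(a, p->probs);
    p->probs = NULL;
}

static void free_dict(DemoDec *p, DemoAlloc *a, int guarded)
{
    if (guarded && p->dict == NULL) return;
    a->Free(a, p->dict);
    p->dict = NULL;
}

/* Init-time free on an empty decoder, then allocate and tear down. */
static unsigned null_frees_seen(int guarded, unsigned *real_frees)
{
    DemoAlloc a = { demo_alloc, demo_free, 0, 0 };
    DemoDec d = { NULL, NULL };

    free_probs(&d, &a, guarded);   /* init: both pointers are still NULL */
    free_dict(&d, &a, guarded);
    d.probs = a.Alloc(&a, 64);
    d.dict = a.Alloc(&a, 64);
    free_probs(&d, &a, guarded);   /* teardown: live buffers */
    free_dict(&d, &a, guarded);
    if (real_frees) *real_frees = a.real_frees;
    return a.null_frees;
}

int main(void)
{
    printf("unguarded: %u NULL frees\n", null_frees_seen(0, NULL));
    printf("guarded:   %u NULL frees\n", null_frees_seen(1, NULL));
    return 0;
}
```

Both variants release the live buffers the same way; the only difference is whether the NULL pointers from the init-time calls are passed on to the allocator callback.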