• Simon McVittie's avatar
    dbus_message_iter_open_container: Don't leak signature on failure · c462a6b3
    Simon McVittie authored
    If we run out of memory while calling _dbus_type_writer_recurse()
    (which is impossible for most contained types, but can happen for
    structs and dict-entries), then the memory we allocated in the call to
    _dbus_message_iter_open_signature() will still be allocated, and we
    have to free it in order to return to the state of the world prior to
    calling open_container().
    
    One might reasonably worry that this change can break callers that use
    this (incorrect) pattern:
    
        if (!dbus_message_iter_open_container (outer, ..., inner))
          {
            dbus_message_iter_abandon_container (outer, inner);
            goto fail;
          }
        /* now we know inner is open, and we must close it later */
    
    However, testing that pattern with _dbus_test_oom_handling()
    demonstrates that it already dies with a DBusString assertion failure
    even before this commit.
    
    This is all concerningly fragile, and I think the next step should be
    to zero out DBusMessageIter instances when they are invalidated, so
    that a "double-free" is always detected.
    Signed-off-by: Simon McVittie's avatarSimon McVittie <smcv@collabora.com>
    Reviewed-by: Philip Withnall's avatarPhilip Withnall <withnall@endlessm.com>
    Bug: https://bugs.freedesktop.org/show_bug.cgi?id=101568
    (cherry picked from commit 031aa2ce)
    c462a6b3
Name
Last commit
Last update
bus Loading commit data...
cmake Loading commit data...
dbus Loading commit data...
doc Loading commit data...
m4 Loading commit data...
test Loading commit data...
tools Loading commit data...
.gitignore Loading commit data...
.mailmap Loading commit data...
.travis.yml Loading commit data...
AUTHORS Loading commit data...
COPYING Loading commit data...
ChangeLog Loading commit data...
ChangeLog.pre-1-0 Loading commit data...
ChangeLog.pre-1-2 Loading commit data...
Doxyfile.in Loading commit data...
HACKING Loading commit data...
INSTALL Loading commit data...
Makefile.am Loading commit data...
Makefile.cvs Loading commit data...
NEWS Loading commit data...
NEWS.pre-1-0 Loading commit data...
NEWS.pre-1-2 Loading commit data...
README Loading commit data...
README.cmake Loading commit data...
README.cygwin Loading commit data...
README.launchd Loading commit data...
README.valgrind Loading commit data...
README.win Loading commit data...
README.wince Loading commit data...
autogen.sh Loading commit data...
cleanup-man-pages.sh Loading commit data...
configure.ac Loading commit data...
dbus-1-uninstalled.pc.in Loading commit data...
dbus-1.pc.in Loading commit data...