[patch] read_command_lines can return freed memory

Eirik Fuller eirik@hackrat.com
Fri Jun 15 11:40:00 GMT 2001


I backed out the patch to read_command_lines, confirmed that the crash
occurs again, applied the patch to free_command_lines, and confirmed
that the crash no longer occurs.

I agree that patching free_command_lines is the right way to fix this.

> we should think of a more contrived example to create a test case...

Here's the simplest test case I've found which triggers the crash:


define f0
    set $f = $arg0
    if $f[1]
	if $f[2]
	    f2
	else
	    f1
    else


You can also add stuff after the second else.  As before, source that
file twice; the second time triggers the crash.  It's likely that the
details of the crash (including whether it occurs at all) vary from
platform to platform; I'm using a Debian x86 system with libc6 2.2.3.

Thanks,
Eirik


