[asterisk-bugs] [JIRA] (ASTERISK-24348) Built-in editline tab complete segfault with MALLOC_DEBUG

Matt Jordan (JIRA) noreply at issues.asterisk.org
Mon Nov 3 13:56:32 CST 2014


     [ https://issues.asterisk.org/jira/browse/ASTERISK-24348?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Matt Jordan updated ASTERISK-24348:
-----------------------------------

    Target Release Version/s: 1.8.32.0

> Built-in editline tab complete segfault with MALLOC_DEBUG
> ---------------------------------------------------------
>
>                 Key: ASTERISK-24348
>                 URL: https://issues.asterisk.org/jira/browse/ASTERISK-24348
>             Project: Asterisk
>          Issue Type: Bug
>      Security Level: None
>            Reporter: Walter Doekes
>      Target Release: 1.8.32.0, 11.14.0, 13.0.0-beta3
>
>
> When MALLOC_DEBUG is enabled, the builtin editline uses the asterisk malloc and friends, not the default libc ones:
> {noformat}
> ------------------------------------------------------------------------
> r155763 | tilghman | 2008-11-10 19:04:30 +0100 (ma, 10 nov 2008) | 6 lines
> Fix memory leak when MALLOC_DEBUG is enabled.
> (closes issue #13864)
>  Reported by: eliel
>  Patches: 
>        readline.c.patch uploaded by eliel (license 64)
> ------------------------------------------------------------------------
> Index: main/editline/readline.c
> ===================================================================
> --- main/editline/readline.c	(revision 155762)
> +++ main/editline/readline.c	(revision 155763)
> @@ -36,6 +36,7 @@
>   * POSSIBILITY OF SUCH DAMAGE.
>   */
>  
> +#include "asterisk.h"
>  #include "config.h"
>  #if !defined(lint) && !defined(SCCSID)
>  __RCSID("$NetBSD: readline.c,v 1.21 2002/03/18 16:20:36 christos Exp $");
> {noformat}
> But then we attempt to free the memory with ast_std_free (the libc one):
> {noformat}
> ------------------------------------------------------------------------
> r421600 | rmudgett | 2014-08-21 00:13:44 +0200 (do, 21 aug 2014) | 6 lines
> cli.c: Fix tab completion of "module load" when MALLOC_DEBUG is enabled.
> filename_completion_function() returns memory that was not allocated by
> the MALLOC_DEBUG allocation tracker so the memory must be freed by
> ast_std_free().
> ------------------------------------------------------------------------
> Index: main/cli.c
> ===================================================================
> --- main/cli.c	(revision 421599)
> +++ main/cli.c	(revision 421600)
> @@ -241,7 +241,7 @@ static char *complete_fn(const char *word, int sta
>  	if (c)
>  		c = ast_strdup(c);
>  
> -	free(d);
> +	ast_std_free(d);
>  	
>  	return c;
>  }
> {noformat}
> 155763 should've been reverted when 421600 was fixed.
> P.S. Why do we define `free` as `ast_free`? Shouldn't we define it as `ast_throw_error` instead?



--
This message was sent by Atlassian JIRA
(v6.2#6252)



More information about the asterisk-bugs mailing list