memory corruption with gtk_stock_add[_static]()

From: Tim Janik <timj gtk org>
To: Havoc Pennington <hp redhat com>
Cc: Gtk+ Developers <gtk-devel-list gnome org>
Subject: memory corruption with gtk_stock_add[_static]()
Date: Thu, 5 Sep 2002 15:51:37 +0200 (CEST)

hi havoc,

correct me if i'm wrong, but i think the replace logic in gtk_stock_add()
will cause memory corruption if gtk_stock_add() is used to override a stock
item, previously added with gtk_stock_add_static(), due to:

static void
real_add (const GtkStockItem *items,
          guint               n_items,
          gboolean            copy)
{
  [...]
  while (i < n_items)
    {
      gpointer old_key, old_value;
      const GtkStockItem *item = &items[i];
      if (copy)
        item = gtk_stock_item_copy (item);

      if (g_hash_table_lookup_extended (stock_hash, item->stock_id,
                                        &old_key, &old_value))
        {
          g_hash_table_remove (stock_hash, old_key);
          gtk_stock_item_free (old_value);
        }

      g_hash_table_insert (stock_hash,
                           (gchar*)item->stock_id, (GtkStockItem*)item);

      ++i;
    }
}

i.e. you copy the item conditionally upon insertion, but you
free the overridden entry unconditionally, though that might
come from static storage.

---
ciaoTJ

Follow-Ups:
- Re: memory corruption with gtk_stock_add[_static]()
  - From: Havoc Pennington

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]