[xml] Patch for cleaning up after free() calls - against 2.6.30

From: Brian Krahmer <brian krahmer com>
To: xml gnome org
Subject: [xml] Patch for cleaning up after free() calls - against 2.6.30
Date: Wed, 13 Feb 2008 13:58:15 -0800

In doing some testing against a commercial code-checking tool, I foundthat most (all?) of the free() calls in libxml2 were not being followedby x = NULL. This was causing crashes in a multi-threaded test programon linux. Please accept and apply the following patch at your earliestconvenience.


thanks,
brian


diff -ur libxml2-2.6.30.orig/debugXML.c libxml2-2.6.30/debugXML.c
--- libxml2-2.6.30.orig/debugXML.c    2007-01-03 05:07:52.000000000 -0800
+++ libxml2-2.6.30/debugXML.c    2008-02-13 12:56:44.000000000 -0800
@@ -3244,6 +3244,7 @@
                            "Unknown command %s\n", command);
        }
        free(cmdline);          /* not xmlFree here ! */
+        cmdline = NULL;
    }
#ifdef LIBXML_XPATH_ENABLED
    xmlXPathFreeContext(ctxt->pctxt);
@@ -3254,8 +3255,10 @@
    if (ctxt->filename != NULL)
        xmlFree(ctxt->filename);
    xmlFree(ctxt);
-    if (cmdline != NULL)
+    if (cmdline != NULL) {
        free(cmdline);          /* not xmlFree here ! */
+        cmdline = NULL;
+    }
}

#endif /* LIBXML_XPATH_ENABLED */

diff -ur libxml2-2.6.30.orig/example/gjobread.clibxml2-2.6.30/example/gjobread.c--- libxml2-2.6.30.orig/example/gjobread.c 2007-01-0305:07:43.000000000 -0800

+++ libxml2-2.6.30/example/gjobread.c    2008-02-13 13:01:58.000000000 -0800
@@ -243,6 +243,7 @@
    if ( cur == 0 ) {
    xmlFreeDoc(doc);
    free(ret);
+   ret = NULL;
    return ( NULL );
    }

if ((xmlStrcmp(cur->name, (const xmlChar *) "Jobs")) || (cur->ns !=ns)) {

@@ -255,6 +256,7 @@
#endif /* LIBXML_OUTPUT_ENABLED */
    xmlFreeDoc(doc);
    free(ret);
+   ret = NULL;
    return(NULL);
    }

diff -ur libxml2-2.6.30.orig/threads.c libxml2-2.6.30/threads.c
--- libxml2-2.6.30.orig/threads.c    2007-06-12 01:16:00.000000000 -0700
+++ libxml2-2.6.30/threads.c    2008-02-13 13:00:46.000000000 -0800
@@ -191,6 +191,7 @@
#elif defined HAVE_BEOS_THREADS
    if ((tok->sem = create_sem(1, "xmlMutex")) < B_OK) {
        free(tok);
+      tok = NULL;
        return NULL;
    }
    tok->tid = -1;
@@ -219,6 +220,7 @@
    delete_sem(tok->sem);
#endif
    free(tok);
+    tok = NULL;
}

/**
@@ -303,6 +305,7 @@
#elif defined HAVE_BEOS_THREADS
    if ((tok->lock = xmlNewMutex()) == NULL) {
        free(tok);
+      tok = NULL;
        return NULL;
    }
    tok->count = 0;
@@ -333,6 +336,7 @@
    xmlFreeMutex(tok->lock);
#endif
    free(tok);
+    tok = NULL;
}

/**
@@ -452,6 +456,7 @@
     * allocated by this thread. */
    if (global_init_lock != cs) {
        free(cs);
+       cs = NULL;
    }
    }

@@ -525,6 +530,7 @@
    /* free any memory allocated in the thread's xmlLastError */
    xmlResetError(&(gs->xmlLastError));
    free(state);
+    state = NULL;
}

/**
@@ -568,6 +574,7 @@
    CloseHandle(params->thread);
    xmlFreeGlobalState(params->memory);
    free(params);
+    params = NULL;
    _endthread();
}
#else /* LIBXML_STATIC && !LIBXML_STATIC_FOR_DLL */
@@ -846,6 +853,7 @@
        p = p->next;
        xmlFreeGlobalState(temp->memory);
        free(temp);
+      temp = NULL;
    }
    cleanup_helpers_head = 0;
    LeaveCriticalSection(&cleanup_helpers_cs);
@@ -943,6 +951,7 @@
                    p->next->prev = p->prev;
        LeaveCriticalSection(&cleanup_helpers_cs);
        free(p);
+      p = NULL;
        }
    }
    break;
diff -ur libxml2-2.6.30.orig/xmlcatalog.c libxml2-2.6.30/xmlcatalog.c
--- libxml2-2.6.30.orig/xmlcatalog.c    2007-01-03 05:07:52.000000000 -0800
+++ libxml2-2.6.30/xmlcatalog.c    2008-02-13 12:57:37.000000000 -0800
@@ -122,6 +122,7 @@
    command[i] = 0;
    if (i == 0) {
        free(cmdline);
+       cmdline = NULL;
        continue;
    }
    nbargs++;
@@ -301,6 +302,7 @@
        printf("\texit:  quit the shell\n");
    }
    free(cmdline); /* not xmlFree here ! */
+   cmdline = NULL;
    }
}

diff -ur libxml2-2.6.30.orig/xmlIO.c libxml2-2.6.30/xmlIO.c
--- libxml2-2.6.30.orig/xmlIO.c    2007-08-14 06:50:46.000000000 -0700
+++ libxml2-2.6.30/xmlIO.c    2008-02-13 12:57:11.000000000 -0800
@@ -1936,6 +1936,7 @@
        }

        free( dump_name );
+      dump_name = NULL;
        }
#endif  /*  DEBUG_HTTP  */

diff -ur libxml2-2.6.30.orig/xmllint.c libxml2-2.6.30/xmllint.c
--- libxml2-2.6.30.orig/xmllint.c    2007-04-17 05:28:16.000000000 -0700
+++ libxml2-2.6.30/xmllint.c    2008-02-13 12:55:48.000000000 -0800
@@ -2929,6 +2929,7 @@
    assert(node->_private != NULL);
    assert(*(long*)node->_private == (long) 0x81726354);
    free(node->_private);
+    node->_private = NULL;
    nbregister--;
}

diff -ur libxml2-2.6.30.orig/xmlmemory.c libxml2-2.6.30/xmlmemory.c
--- libxml2-2.6.30.orig/xmlmemory.c    2007-01-03 05:07:52.000000000 -0800
+++ libxml2-2.6.30/xmlmemory.c    2008-02-13 12:55:20.000000000 -0800
@@ -445,6 +445,7 @@
    xmlMutexUnlock(xmlMemMutex);

    free(p);
+    p = NULL;

    TEST_POINT

Follow-Ups:
- Re: [xml] Patch for cleaning up after free() calls - against 2.6.30
  - From: Daniel Veillard

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]