! Please note that this is a snapshot of our old Bugzilla server, which is read only since May 29, 2020. Please go to gitlab.xfce.org for our new server !
Crash in _xfce_rc_config_new()
Status:
RESOLVED: FIXED
Priority:
Medium
Severity:
normal
Product:
Libxfce4util
Component:
General

Comments

Description Tim Starling 2012-06-15 02:11:14 CEST 
Created attachment 4503 
Set simple to NULL after error

_xfce_rc_config_new() crashes if there is an error parsing a config file. The code is:

  XfceRcSimple *simple = NULL;
  ...
  for (p = paths; *p != NULL; ++p)
    {
      ...
      simple = _xfce_rc_simple_new (simple, *p, TRUE);
      if (!_xfce_rc_simple_parse (simple))
        {
          g_critical ("Failed to parse file %s, ignoring.", *p);
          xfce_rc_close (XFCE_RC (simple));
          continue;
        }
        ...
    }

xfce_rc_close() frees the memory pointed to by simple, so in the next iteration of the loop, simple is a dangling pointer and a crash is a typical result. Setting simple to NULL on error would be one way to avoid the crash, I have attached that as a patch and tested it.

Observed in 4.8.2, but the code error appears to still exist in git master.
Comment 1 Nick Schermer editbugs 2013-03-19 19:42:19 CET 
We might leak the memchunk in this case, but that's better than a crash.

Applied in ee5b2a4.

Bug #9026

Reported by:
Tim Starling
Reported on: 2012-06-15
Last modified on: 2013-03-19

People

Assignee:
Xfce Bug Triage
CC List:
0 users

Version

Version:
4.8.2
Target Milestone:
---

Attachments

Set simple to NULL after error (380 bytes, patch)
2012-06-15 02:11 CEST , Tim Starling 		no flags

Additional information