Red Hat Bugzilla – Bug 433756
timidity++ -d0 crashes
Last modified: 2013-07-02 19:26:52 EDT
Description of problem:
timidity crashes due to free() of constant pointer
Version-Release number of selected component (if applicable):
Steps to Reproduce:
1. timidity -d0 foo.midi
glibc detects double-free
Perhaps an audit to find other cases might be worth while.
I've chosen to 'leak' a very small amount of memory in the rare case that -d is
Created attachment 295494 [details]
Patch to fix the segfault
Created attachment 295495 [details]
patch for the spec file too!
The spec file patch was not cleanly applicable due to recent changes to
timidity++ so I modified it.
Maybe a better solution would be to originally strdup the constant string
otherwise the dynamic_lib_root value would be leaked.
I rewrote your patch to accomodate that.
Commenting only in the interests of computer science:
How would we have a leak? We can certainly use more memory - if we always keep
two copies of the string - the static const default string, and the strdup()
The only 'leak' I can see is if a user specifies -d twice, and if they do that,
they get what they deserve :-)
It's better to add code that is safe by principle than code that is safe only
after some assumptions if it is not hard or performance problematic. Consider
that upstream may change the code in a way that it uses dynamic_lib_root on some
other places than now, the problem you describe is still fixed, but leaks could
have been silently introduced.