Loading...

XML

Word

Printable

JSON

Type: Bug
Resolution: Done
Priority: Minor - P4
Fix Version/s: 1.7.1
Affects Version/s: None
Component/s: None
Labels:
None

Operating System:
ALL
Confidence Status:
None
Work Order:
3

Aha! Reference:
None
Tracking Level:
None
Risk Status:
None
Exec Notes:
None
Goal Name:
None
Goal Link:
None

This code issue is minor because it is not currently triggered by existing code.

StringBuilder uses a BufBuilder (bson/util/builder.h) to manually manage a char buffer. The default copy constructor and operator= will shallow copy the data pointer, which will ultimately lead to freeing the memory multiple times. You can produce the issue with:
{
StringBuffer a;

{ StringBuffer b=a; }

// b d'tor frees b.data, which == a.data

{ StringBuffer c(a); }

// c d'tor frees a.data again

} // a d'tor frees a.data again

Assignee:: Alberto Lerner (Inactive)
Reporter:: Matt Taylor
Participants:: Alberto Lerner, auto, Matt Taylor
Votes:: 0 Vote for this issue
Watchers:: 2 Start watching this issue

Created:: Sep 27 2010 06:48:13 PM UTC
Updated:: Jul 12 2016 12:18:27 AM UTC
Resolved:: Sep 27 2010 08:51:06 PM UTC

Details

Description

Attachments

Activity

People

Dates