[CDRIVER-1529] mongoc_write_concern_destroy() may attempt to free null wtag pointer Created: 07/Sep/16 Updated: 03/May/17 Resolved: 07/Sep/16 |
|
| Status: | Closed |
| Project: | C Driver |
| Component/s: | libmongoc |
| Affects Version/s: | 1.4.0, 1.3.5 |
| Fix Version/s: | None |
| Type: | Bug | Priority: | Major - P3 |
| Reporter: | Jeremy Mikola | Assignee: | Jeremy Mikola |
| Resolution: | Done | Votes: | 0 |
| Labels: | None | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Description |
|
I believe this issue dates back to the introduction of the wtag field in 2da6c03. We never caught this in PHPC because our custom free function (for bson_mem_vtable_t) would NOP on a null pointer; however, I'm not sure why this wouldn't have been caught for the default memory handler, which uses free(). |
| Comments |
| Comment by Jeremy Mikola [ 07/Sep/16 ] |
|
This only came up as a Valgrind warning while I was investigating a separate issue. Based on acm's insight (thanks for that), the conditional would just be unnecessary overhead so I've closed the PR. |
| Comment by A. Jesse Jiryu Davis [ 07/Sep/16 ] |
|
So Jeremy is there a crash you're debugging or did the code just look like a bug to you? |
| Comment by Andrew Morrow (Inactive) [ 07/Sep/16 ] |
|
But free(NULL) is defined to always be a no-op: http://pubs.opengroup.org/onlinepubs/9699919799/functions/free.html |
| Comment by Jeremy Mikola [ 07/Sep/16 ] |