Fix double-free issue in File::create
authorAngus Gratton <gus@projectgus.com>
Tue, 7 Oct 2014 22:35:23 +0000 (09:35 +1100)
committerUwe Hermann <uwe@hermann-uwe.de>
Wed, 8 Oct 2014 16:26:53 +0000 (18:26 +0200)
Triggered when opening a file from the command line.

During startup Sigsession::set_default_device calls Device::use which
loads a global _sr_session, then as part of file loading the
File::create method is called which treats _sr_session as a temp
variable (loaded then immediately released), finally a Device::release
releases the (differently allocated) global _sr_session again causing
the double free.

Given File::create is only using the sigrok session temporarily within
its function scope, this change gives it its own temporary session
instance.

This fixes bug #405.

pv/device/file.cpp

index e82c5ece16c89e8f7d00da6da9fcb3bdda4506b9..368276a4ba8d8e1ce10e443ab645f9d19e3cad3c 100644 (file)
@@ -56,10 +56,11 @@ map<string, string> File::get_device_info() const
 
 File* File::create(const string &name)
 {
-       if (sr_session_load(name.c_str(), &SigSession::_sr_session) == SR_OK) {
+       struct sr_session *temp_session;
+       if (sr_session_load(name.c_str(), &temp_session) == SR_OK) {
                GSList *devlist = NULL;
-               sr_session_dev_list(SigSession::_sr_session, &devlist);
-               sr_session_destroy(SigSession::_sr_session);
+               sr_session_dev_list(temp_session, &devlist);
+               sr_session_destroy(temp_session);
 
                if (devlist) {
                        sr_dev_inst *const sdi = (sr_dev_inst*)devlist->data;