#2332 closed defect (fixed)
Double free or corruption in msCopyJoin
| Reported by: | aalbarello | Owned by: | sdlime |
|---|---|---|---|
| Priority: | normal | Milestone: | 5.0.1 release |
| Component: | MapServer C Library | Version: | 5.0 |
| Severity: | normal | Keywords: | |
| Cc: |
Description
I'm getting libc's double free/corruption errors when calling msCopyMap on a map containing joins. This is due to the fact that msCopyLayer doesn't initialize join objects by calling initJoin prior to calling msCopyJoin, which therefore calls msFree through the MS_COPYSTRING macro on uninitialized char pointers of the destination map object.
This can be fixed by adding
initJoin(&(dst->joins[i]));
on line 851 of mapcopy.c
Attachments (1)
Change History (4)
comment:1 by , 16 years ago
| Milestone: | → 5.0.1 release |
|---|
by , 16 years ago
| Attachment: | mapcopy.diff added |
|---|
comment:2 by , 16 years ago
| Resolution: | → fixed |
|---|---|
| Status: | new → closed |
Applied fix to both the main trunk and the 5.0 branch. Closing...
Thanks for the help!
Steve
Note:
See TracTickets
for help on using tickets.
I'm adding a patch against svn trunk rev 6998 for this one.
Andreas