Opened 10 years ago

Closed 7 years ago

#4730 closed defect (fixed)

Double free in OGRTABDataSource::Create() when exiting with error

Reported by: trentcsc Owned by: warmerdam
Priority: normal Milestone:
Component: OGR_SF Version: unspecified
Severity: normal Keywords: mitab
Cc: Daniel Morissette

Description (last modified by trentcsc)

Found this in a unit test explicitly trying to create a MapInfo MIF file with the wrong file extension.

MIFFile::m_pszFname is free'd (and not NULL'd) in mitab_miffile.cpp, line 329.

MIFFile::~MIFFile() frees the dangling pointer again and whammo - segfault.

GDAL 1.9.1 built with MSVC 1600 (VS2010)

Attachments (1)

fix_gdal_4730.patch (299 bytes ) - added by Even Rouault 10 years ago.

Download all attachments as: .zip

Change History (6)

comment:1 by trentcsc, 10 years ago

Description: modified (diff)

Oh -

comment:2 by Even Rouault, 10 years ago

Cc: Daniel Morissette added
Component: defaultOGR_SF
Keywords: mitab added
Milestone: 1.9.2

trunk, r24647: Fix double free in OGRTABDataSource::Create() when exiting with error (#4730)

branches/1.9, r24648: Fix double free in OGRTABDataSource::Create() when exiting with error (#4730)

Letting open while it has not yet been upstreamed in MITAB

by Even Rouault, 10 years ago

Attachment: fix_gdal_4730.patch added

comment:4 by Jukka Rahkonen, 8 years ago

Heads-up: pull request seems to be still in a mitab queue.

comment:5 by Even Rouault, 7 years ago

Resolution: fixed
Status: newclosed

Batch closing of MITAB tickets fixed in GDAL. They were kept open because not merged into MITAB separate repository, but the latter one is inactive, so let's close them definitely.

Note: See TracTickets for help on using tickets.