-
Jens Gulin authored
A normal sequence of calls is as follows: str_parms_create_str, str_parms_add_str, str_parms_destroy. In some cases the destroy caused double free. str_parms_add_str will clone the input and send it to hashmapPut for storage. If hashmapPut did not store the strings it will raise errno = ENOMEM and leave caller with ownership of the strings. In any of these cases it will be safe to destroy the str_parms. But what if it wasn't hashmapPut that said NOMEM? What if there was a stale NOMEM already before a successful hashmapPut? In that case the strings will be successfully added to the list (if new), but when str_parms_add_str sees the NOMEM it will free them anyway, leaving dangling pointers in the str_parms!! It is the responsibility of the caller to clear errno before any interesting call. This patch makes sure that str_parms_add_str reacts only on errno emmitted from hashmapPut. Change-Id: If87e4bcc482f09e1c66133d33517b152ebdac65f
d3c8d5b8
