diff options
| author | David Bremner <david@tethera.net> | 2021-10-23 10:22:34 -0300 |
|---|---|---|
| committer | David Bremner <david@tethera.net> | 2021-10-30 13:43:58 -0300 |
| commit | 74c4ce6d88bcc643424c5d89cc8d30cd835e46c3 (patch) | |
| tree | 9b78441dbe31ad597ae0897e581b199c2be92ba4 /lib | |
| parent | a942cb8ee3f0e20d6cd72d25c432467a5ebfe93c (diff) | |
lib/open: fix potential double-free, ensure *database=NULL on error
During refactoring for 0.32, the code that set notmuch=NULL on various
errors was moved into _finish_open. This meant that the the code which
relied on that to set *database to NULL on error was no longer
correct. It also introduced a potential double free, since the notmuch
struct was deallocated inside _finish_open (via n_d_destroy).
In this commit we revert to "allocator frees", and leave any cleanup
to the caller of _finish_open. This allows us to get back the
behaviour of setting *database to NULL with a small change. Other
callers of _finish_open will need free notmuch on errors.
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/open.cc | 13 |
1 files changed, 5 insertions, 8 deletions
diff --git a/lib/open.cc b/lib/open.cc index 8a835e98..77f01f72 100644 --- a/lib/open.cc +++ b/lib/open.cc @@ -396,8 +396,6 @@ _finish_open (notmuch_database_t *notmuch, " has a newer database format version (%u) than supported by this\n" " version of notmuch (%u).\n", database_path, version, NOTMUCH_DATABASE_VERSION)); - notmuch_database_destroy (notmuch); - notmuch = NULL; status = NOTMUCH_STATUS_FILE_ERROR; goto DONE; } @@ -414,8 +412,6 @@ _finish_open (notmuch_database_t *notmuch, " requires features (%s)\n" " not supported by this version of notmuch.\n", database_path, incompat_features)); - notmuch_database_destroy (notmuch); - notmuch = NULL; status = NOTMUCH_STATUS_FILE_ERROR; goto DONE; } @@ -489,8 +485,6 @@ _finish_open (notmuch_database_t *notmuch, } catch (const Xapian::Error &error) { IGNORE_RESULT (asprintf (&message, "A Xapian exception occurred opening database: %s\n", error.get_msg ().c_str ())); - notmuch_database_destroy (notmuch); - notmuch = NULL; status = NOTMUCH_STATUS_XAPIAN_EXCEPTION; } DONE: @@ -559,10 +553,13 @@ notmuch_database_open_with_config (const char *database_path, free (message); } + if (status && notmuch) { + notmuch_database_destroy (notmuch); + notmuch = NULL; + } + if (database) *database = notmuch; - else - talloc_free (notmuch); if (notmuch) notmuch->open = true; |