[PATCH] Cc: piotr at codeweavers.com
Piotr Caban
piotr.caban at gmail.com
Thu Dec 16 13:19:00 CST 2021
The subject is broken, except of that the patch looks good for me.
Signed-off-by: Piotr Caban <piotr at codeweavers.com>
On 12/16/21 19:06, Eric Pouech wrote:
> msvcrt*: fix double-free and memory leak in type_info destructor
>
> (spotted by toying with the gcc's static analyzer)
>
> Signed-off-by: Eric Pouech <eric.pouech at gmail.com>
>
> ---
> dlls/msvcp90/cxx.h | 2 +-
> dlls/msvcrt/cxx.h | 2 +-
> 2 files changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/dlls/msvcp90/cxx.h b/dlls/msvcp90/cxx.h
> index 29854d16bab..701ab02fc05 100644
> --- a/dlls/msvcp90/cxx.h
> +++ b/dlls/msvcp90/cxx.h
> @@ -457,7 +457,7 @@ void * __thiscall type_info_vector_dtor(type_info * _this, unsigned int flags) \
> /* we have an array, with the number of elements stored before the first object */ \
> INT_PTR i, *ptr = (INT_PTR *)_this - 1; \
> \
> - for (i = *ptr - 1; i >= 0; i--) free(_this->name); \
> + for (i = *ptr - 1; i >= 0; i--) free(_this[i].name); \
> free(ptr); \
> } \
> else \
> diff --git a/dlls/msvcrt/cxx.h b/dlls/msvcrt/cxx.h
> index 1a5442725ef..cacbb1524b6 100644
> --- a/dlls/msvcrt/cxx.h
> +++ b/dlls/msvcrt/cxx.h
> @@ -291,7 +291,7 @@ void * __thiscall type_info_vector_dtor(type_info * _this, unsigned int flags) \
> /* we have an array, with the number of elements stored before the first object */ \
> INT_PTR i, *ptr = (INT_PTR *)_this - 1; \
> \
> - for (i = *ptr - 1; i >= 0; i--) free(_this->name); \
> + for (i = *ptr - 1; i >= 0; i--) free(_this[i].name); \
> free(ptr); \
> } \
> else \
>
>
More information about the wine-devel
mailing list