Corrupted double-linked list (nnrpd, Python, innconfval)
Russ Allbery
rra at stanford.edu
Sat Jun 21 16:20:02 UTC 2008
Julien ÉLIE <julien at trigofacile.com> writes:
> I believe it happens here:
>
> void
> PY_close_python(void)
> {
> if (files != NULL) {
> hash_traverse(files, file_trav, NULL);
> --> hash_free(files);
> }
That doesn't set files back to NULL, so if it ever happens that one closes
and then reopens Python in the same process, I bet files is still pointing
to the old freed memory and INN blithely tries to write to it.
Adding files = NULL; after hash_free(files) will fix it if I'm right.
--
Russ Allbery (rra at stanford.edu) <http://www.eyrie.org/~eagle/>
Please send questions to the list rather than mailing me directly.
<http://www.eyrie.org/~eagle/faqs/questions.html> explains why.
More information about the inn-workers
mailing list