[omniORB] Memory leak in corbaString.cc
Duncan Grisby
duncan at grisby.org
Fri Jan 27 10:09:28 UTC 2023
Wow, that's a very long-standing bug. Thank you for reporting it!
Out of interest, how did you encounter it? Is there a real CORBA
implementation that is failing to null-terminate raw strings, or were
you actively looking for that kind of bug by violating the protocol or
with static analysis?
Thanks,
Duncan.
On Fri, 2023-01-27 at 07:02 +0000, 姜 维 via omniORB-list wrote:
>
> Index: src/lib/omniORB/orbcore/corbaString.cc
> ===================================================================
> --- src/lib/omniORB/orbcore/corbaString.cc (版本 6632)
> +++ src/lib/omniORB/orbcore/corbaString.cc (工作副本)
> @@ -80,14 +80,14 @@
> OMNIORB_THROW(MARSHAL, MARSHAL_PassEndOfMessage,
> (CORBA::CompletionStatus)completion());
>
> - char* s = _CORBA_String_helper::alloc(len - 1);
> - get_octet_array((_CORBA_Octet*)s, len);
> + _CORBA_String_var s = _CORBA_String_helper::alloc(len - 1);
> + get_octet_array((_CORBA_Octet*)s.inout(), len);
>
> if (s[len-1] != '\0')
> OMNIORB_THROW(MARSHAL,MARSHAL_StringNotEndWithNull,
> (CORBA::CompletionStatus)completion());
>
> - return s;
> + return s._retn();
> }
>
> #ifndef Swap32
>
> _______________________________________________
> omniORB-list mailing list
> omniORB-list at omniorb-support.com
> https://www.omniorb-support.com/mailman/listinfo/omniorb-list
--
-- Duncan Grisby --
-- duncan at grisby.org --
-- http://www.grisby.org --
More information about the omniORB-list
mailing list