[Pidgin] #7278: Ticket 5889 -- not fully implemented in 2.5.1, ergo SEGV with yahoo picture.

Pidgin trac at pidgin.im
Tue Oct 21 10:41:21 EDT 2008


#7278: Ticket 5889 -- not fully implemented in 2.5.1, ergo SEGV with yahoo
picture.
----------------------+-----------------------------------------------------
 Reporter:  rgfranks  |        Owner:  datallah
     Type:  defect    |       Status:  pending 
Milestone:            |    Component:  Yahoo!  
  Version:  2.5.1     |   Resolution:          
 Keywords:            |  
----------------------+-----------------------------------------------------
Changes (by rgfranks):

  * status:  pending => new


Comment:

 I reverted the change, and ran with valgrind.  Here's the trace info:

 ==9369== Invalid free() / delete / delete[]
 ==9369==    at 0x402243F: free (in
 /usr/lib/valgrind/x86-linux/vgpreload_memcheck.so)
 ==9369==    by 0x4C93D60: g_free (in /usr/lib/libglib-2.0.so.0.1400.1)
 ==9369==    by 0x6096E75: yahoo_process_picture (yahoo_picture.c:144)
 ==9369==    by 0x6087D2C: yahoo_packet_process (yahoo.c:2455)
 ==9369==    by 0x6089109: yahoo_pending (yahoo.c:2582)
 ==9369==    by 0x80A7562: pidgin_io_invoke (gtkeventloop.c:78)
 ==9369==    by 0x4CBBD2C: (within /usr/lib/libglib-2.0.so.0.1400.1)
 ==9369==    by 0x4C8C5D5: g_main_context_dispatch (in
 /usr/lib/libglib-2.0.so.0.1400.1)
 ==9369==    by 0x4C8F971: (within /usr/lib/libglib-2.0.so.0.1400.1)
 ==9369==    by 0x4C8FD56: g_main_loop_run (in
 /usr/lib/libglib-2.0.so.0.1400.1)
 ==9369==    by 0x4332243: gtk_main (in
 /usr/lib/libgtk-x11-2.0.so.0.1200.0)
 ==9369==    by 0x80C0982: main (gtkmain.c:888)
 ==9369==  Address 0x667FD50 is 0 bytes inside a block of size 9 free'd
 ==9369==    at 0x402243F: free (in
 /usr/lib/valgrind/x86-linux/vgpreload_memcheck.so)
 ==9369==    by 0x4C93D60: g_free (in /usr/lib/libglib-2.0.so.0.1400.1)
 ==9369==    by 0x6096AFD: yahoo_fetch_picture_cb (yahoo_picture.c:68)
 ==9369==    by 0x49AD5B3: purple_util_fetch_url_error (util.c:3611)
 ==9369==    by 0x49AE156: purple_util_fetch_url_request_len (util.c:4021)
 ==9369==    by 0x49AE1B5: purple_util_fetch_url_request (util.c:3978)
 ==9369==    by 0x6096DFC: yahoo_process_picture (yahoo_picture.c:137)
 ==9369==    by 0x6087D2C: yahoo_packet_process (yahoo.c:2455)
 ==9369==    by 0x6089109: yahoo_pending (yahoo.c:2582)
 ==9369==    by 0x80A7562: pidgin_io_invoke (gtkeventloop.c:78)
 ==9369==    by 0x4CBBD2C: (within /usr/lib/libglib-2.0.so.0.1400.1)
 ==9369==    by 0x4C8C5D5: g_main_context_dispatch (in
 /usr/lib/libglib-2.0.so.0.1400.1)

 I think that the buffer allocated in yahoo_process_picture
 (yahoo_picture.c:137) is freed because of an error (in the
 purple_fetch_url traceback, the second part of the memcheck error message
 above), then freed a second time in yahoo_process_picture
 (yahoo_picture.c:144 in the first part of the memcheck error message
 above).  I am afraid I don't know enough about pidgin and its logs to
 locate the information you're asking for.

-- 
Ticket URL: <http://developer.pidgin.im/ticket/7278#comment:3>
Pidgin <http://pidgin.im>
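
Added example, not part of the original ticket and not Pidgin's code: a minimal C model of the ownership pattern the comment above hypothesizes, where a fetch helper reports an early error by invoking the callback synchronously and the caller then frees the same data again. All names (`pic_data`, `fetch_url`, `release`, the sample string) are hypothetical, and `release` counts attempts instead of freeing twice so the program stays well-defined.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical stand-ins for illustration; not Pidgin's code. */
struct pic_data { char *who; int releases; };  /* releases = free attempts */
typedef void (*fetch_cb)(struct pic_data *d, const char *err);

/* Counts every attempt; only the first calls free(), so no real double free. */
static void release(struct pic_data *d) {
    if (d->releases++ == 0) { free(d->who); d->who = NULL; }
}

static struct pic_data make_data(void) {
    struct pic_data d = { malloc(9), 0 };       /* 9 bytes, as in the trace */
    if (d.who) memcpy(d.who, "buddy123", 9);    /* constructed sample name */
    return d;
}

/* Early failure: callback runs synchronously, NULL handle is returned. */
static void *fetch_url(const char *url, fetch_cb cb, struct pic_data *d) {
    if (strncmp(url, "http://", 7) != 0) { cb(d, "invalid URL"); return NULL; }
    return d;                                   /* request pending */
}

/* The callback owns d and releases it on success or error. */
static void on_fetch_done(struct pic_data *d, const char *err) { (void)err; release(d); }

/* Caller also frees on a NULL handle: two releases on the error path. */
static int process_picture_buggy(const char *url) {
    struct pic_data d = make_data();
    if (fetch_url(url, on_fetch_done, &d) == NULL)
        release(&d);
    else
        on_fetch_done(&d, NULL);                /* simulate later completion */
    return d.releases;
}

/* Single owner: after the hand-off only the callback frees. */
static int process_picture_fixed(const char *url) {
    struct pic_data d = make_data();
    if (fetch_url(url, on_fetch_done, &d) != NULL)
        on_fetch_done(&d, NULL);                /* simulate later completion */
    return d.releases;
}

int main(void) {
    printf("buggy=%d\n", process_picture_buggy("bogus"));
    printf("fixed=%d\n", process_picture_fixed("bogus"));
    return 0;
}
```

A release count of 2 on the error path corresponds to the two `g_free` frames in the memcheck report; the single-owner variant keeps it at 1 on both paths.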