[Pidgin] #8604: double free in oscar / purple_circ_buffer

Pidgin trac at pidgin.im
Sun Mar 8 19:30:54 EDT 2009 

#8604: double free in oscar / purple_circ_buffer
-----------------------+----------------------------------------------------
     Reporter:  tmm1   |        Type:  defect   
       Status:  new    |   Component:  libpurple
      Version:  2.5.2  |    Keywords:           
Launchpad_bug:         |  
-----------------------+----------------------------------------------------
 {{{
 *** glibc detected *** double free or corruption (!prev):
 0x0000000002ed8700 ***

 (gdb) bt
 #0  0x00007f41f279b07b in raise () from /lib/libc.so.6
 #1  0x00007f41f279c84e in abort () from /lib/libc.so.6
 #2  0x00007f41f27d15f9 in __fsetlocking () from /lib/libc.so.6
 #3  0x00007f41f27d8163 in mallopt () from /lib/libc.so.6
 #4  0x00007f41f27d81ee in free () from /lib/libc.so.6
 #5  0x00007f41f316c221 in purple_circ_buffer_destroy (buf=0x270c9c0) at
 circbuffer.c:40
 #6  0x00007f41f186e77d in flap_connection_close (od=0x28589a0,
 conn=0x26c1730) at flap_connection.c:376
 #7  0x00007f41f186e89d in flap_connection_destroy_cb (data=<value
 optimized out>) at flap_connection.c:460
 #8  0x00007f41f2fad90b in g_timeout_dispatch () from
 /custom/lib/libglib-2.0.so.0
 #9  0x00007f41f2fad1e2 in g_main_context_dispatch () from
 /custom/lib/libglib-2.0.so.0
 #10 0x00007f41f2fb04c5 in g_main_context_iterate () from
 /custom/lib/libglib-2.0.so.0
 #11 0x00007f41f2fb07bd in g_main_loop_run () from
 /custom/lib/libglib-2.0.so.0

 (gdb) frame 5
 #5  0x00007f41f316c221 in purple_circ_buffer_destroy (buf=0x270c9c0) at
 circbuffer.c:40
 40              g_free(buf->buffer);

 (gdb) p buf
 $3 = (PurpleCircBuffer *) 0x270c9c0

 (gdb) p buf->buffer
 $4 = (gchar *) 0x2ed8700 "???"

 (gdb) frame 6
 #6  0x00007f41f186e77d in flap_connection_close (od=0x28589a0,
 conn=0x26c1730) at flap_connection.c:376
 376             purple_circ_buffer_destroy(conn->buffer_outgoing);

 (gdb) frame 7
 #7  0x00007f41f186e89d in flap_connection_destroy_cb (data=<value
 optimized out>) at flap_connection.c:460
 460             flap_connection_close(od, conn);

 }}}

-- 
Ticket URL: <http://developer.pidgin.im/ticket/8604>
Pidgin <http://pidgin.im>
Pidgin

More information about the Tracker mailing list