[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[bug #62040] [troff] audit mtsm/statem memory usage
|
From: |
G. Branden Robinson |
|
Subject: |
[bug #62040] [troff] audit mtsm/statem memory usage |
|
Date: |
Sun, 15 May 2022 05:11:05 -0400 (EDT) |
Update of bug #62040 (project groff):
Severity: 4 - Important => 2 - Minor
Item Group: Crash/Unresponsive => Lint
Assigned to: None => gbranden
Summary: [troff] double-free crash provoked by HTML man(7)
output => [troff] audit mtsm/statem memory usage
_______________________________________________________
Follow-up Comment #10:
commit ab0793f5cadb8dbcb84cb49d59bc31855fd8b5ac
Author: G. Branden Robinson <g.branden.robinson@gmail.com>
Date: Sat May 14 23:32:14 2022 -0500
[grohtml]: Mitigate Savannah #62040.
[grohtml]: Mitigate double-free problem exposed by malformed input.
* src/roff/troff/mtsm.h (struct statem): Place member variable
`issue_no` behind `DEBUGGING` preprocessor symbol, omitting it
from production and ordinary development builds.
* src/roff/troff/mtsm.cpp (no_of_statems): Place global variable
behind `DEBUGGING` preprocessor symbol, omitting it from production
and ordinary development builds.
(statem::statem): Make constructor trivial if `DEBUGGING` not defined
in preprocessor; it manipulates only `issue_no` and `no_of_statems`,
which are synchronized.
(statem::statem {copy}): Gate assignment of `issue_no` member variable
from copy constructor behind `DEBUGGING` preprocessor symbol.
(statem::flush, mtsm::inherit): Gate debugging output, already
runtime-gated on `debug_state` symbol, of `issue_no` member variable,
so that we don't reference it when it is not declared.
See <https://savannah.gnu.org/bugs/?62040>.
_______________________________________________________
Reply to this item at:
<https://savannah.gnu.org/bugs/?62040>
_______________________________________________
Message sent via Savannah
https://savannah.gnu.org/