Hi, after updating a few things recently, a crash started to appear whenever a bad (unknown) terminal name was specified.
I managed to trace the crash to a double-free as described below. My test program is this:
```
#include <ncurses.h>
int main() {
newterm("x", stdout, stdin);
}
```
In `TINFO_SETUP_TERM`, given `USE_TERM_DRIVER`=1 and `reuse`=0, line 720 attempts to initialize the unknown terminal. When it fails, lines 726 frees the above-allocated `my_tcb` (aliased as `termp` and `TCB`).
`_nc_globals.term_driver` from line 720 is a define to `_nc_get_driver`, which more or less delegates to `_nc_TINFO_DRIVER.td_CanHandle` which points to `drv_CanHandle` where, after failure, line 180 executes.
We go into `del_curterm` which frees `termp` on line 168.
My investigation indicates this is a double-free which leads to the crash. If I remove lines 725-726 from `lib_setup.c`, the crash no longer happens.
Please advise.
(I'm not subscribed to the list, by the way.)
--