After an evaluation, GNOME has moved from Bugzilla to GitLab. Learn more about GitLab.
No new issues can be reported in GNOME Bugzilla anymore.
To report an issue in a GNOME project, go to GNOME GitLab.
Do not go to GNOME Gitlab for: Bluefish, Doxygen, GnuCash, GStreamer, java-gnome, LDTP, NetworkManager, Tomboy.
Bug 629909 - use-after-free in e_selection_model_array_delete_rows()
use-after-free in e_selection_model_array_delete_rows()
Status: RESOLVED DUPLICATE of bug 628522
Product: evolution
Classification: Applications
Component: Calendar
3.0.x (obsolete)
Other Linux
: Normal normal
: ---
Assigned To: evolution-calendar-maintainers
Evolution QA team
Depends on:
Blocks:
 
 
Reported: 2010-09-17 09:55 UTC by David Woodhouse
Modified: 2013-09-13 01:09 UTC
See Also:
GNOME target: ---
GNOME version: ---


Description David Woodhouse 2010-09-17 09:55:13 UTC 
==31524== Invalid read of size 4
==31524==    at 0x6B3FFFB: e_bit_array_delete_real (e-bit-array.c:94)
==31524==    by 0x6B4019F: e_bit_array_delete (e-bit-array.c:119)
==31524==    by 0x5BD9CC2: e_selection_model_array_delete_rows (e-selection-model-array.c:81)
==31524==    by 0x570B7A7: model_rows_deleted (e-table-selection-model.c:163)
==31524==    by 0x3D3DE0E50D: g_closure_invoke (gclosure.c:766)
==31524==    by 0x3D3DE2000A: signal_emit_unlocked_R (gsignal.c:3252)
==31524==    by 0x3D3DE29B49: g_signal_emit_valist (gsignal.c:2983)
==31524==    by 0x3D3DE29CF2: g_signal_emit (gsignal.c:3040)
==31524==    by 0xF8B69FE: redo_queries (e-cal-model.c:2364)
==31524==    by 0xF90D7ED: gnome_calendar_set_search_query (gnome-cal.c:1212)
==31524==    by 0x1069753A: cal_shell_view_execute_search (e-cal-shell-view.c:211)
==31524==    by 0x3D3DE0E50D: g_closure_invoke (gclosure.c:766)
==31524==  Address 0x1806f214 is 0 bytes after a block of size 4 alloc'd
==31524==    at 0x4A05255: realloc (vg_replace_malloc.c:476)
==31524==    by 0x3D3D645D4D: g_realloc (gmem.c:181)
==31524==    by 0x6B4007D: e_bit_array_delete_real (e-bit-array.c:105)
==31524==    by 0x6B4019F: e_bit_array_delete (e-bit-array.c:119)
==31524==    by 0x5BD9CC2: e_selection_model_array_delete_rows (e-selection-model-array.c:81)
==31524==    by 0x570B7A7: model_rows_deleted (e-table-selection-model.c:163)
==31524==    by 0x3D3DE0E50D: g_closure_invoke (gclosure.c:766)
==31524==    by 0x3D3DE2000A: signal_emit_unlocked_R (gsignal.c:3252)
==31524==    by 0x3D3DE29B49: g_signal_emit_valist (gsignal.c:2983)
==31524==    by 0x3D3DE29CF2: g_signal_emit (gsignal.c:3040)
==31524==    by 0xF8B69FE: redo_queries (e-cal-model.c:2364)
==31524==    by 0xF90D7ED: gnome_calendar_set_search_query (gnome-cal.c:1212)
==31524==
Comment 1 David Woodhouse 2010-09-17 10:03:08 UTC 
Stupid dwmw2; this isn't a use-after-free; it's a dupe of bug 628522. Insufficient caffeine this morning.

*** This bug has been marked as a duplicate of bug 628522 ***