GNOME Bugzilla – Bug 689813
Missing call to va_end in gupnp-service-proxy.c
Last modified: 2013-03-01 08:19:19 UTC
This is the last of the Coverity bugs. Coverity points out that G_VA_COPY is performed at line 891 of gupnp-service-proxy.c to make a copy of va_args. The copy is stored in an instance of GUPnPServiceProxyAction. As far as I can tell va_end is never called on this copy. I'm afraid I don't have a patch for this yet but I think Coverity is right here, so I'm entering the bug.
it does call va_end on it, but only in the _send_action case, it's dangling in the _begin_action case. However, reading the manpage of va_*, I'm kindof sceptic about the whole way va_args are used here: "Each invocation of va_start()/va_copy() must be matched by a corresponding invocation of va_end() in the same function." I mean "same function" here. I usually avoid varargs all together, so I've no idea if this is correct or not.
Created attachment 237533 [details] [review] Fix valist issue by routing _valist functions to its _hash counterparts.
Created attachment 237581 [details] [review] Fix valist issue by routing _valist functions to its _hash counterparts. v2 I decided to leave hash table <-> va_list conversion routines as macros, because in some places I expect valist to be modified in place which might be not guaranteed if I pass valist to a function. It's +10 to ugliness, but we already got +100 to it for var args anyway.
Created attachment 237600 [details] [review] Fix a typo in valist patch. I pushed those patches by accident. Here I am attaching a patch fixing a small issue I found in my patch.