GNOME Bugzilla – Bug 733259
lua-factory: Fix use after free
Last modified: 2014-07-21 20:58:07 UTC
Created attachment 280849
lua-factory: Fix use after free

==21842== Invalid read of size 4
==21842==    at 0x2CE855B7: grl_lua_library_set_current_operation (grl-lua-library.c:1258)
==21842==    by 0x6706D16: resolve_idle (grl-source.c:2401)
==21842==    by 0x7146872: g_main_context_dispatch (gmain.c:3067)
==21842==    by 0x7146C77: g_main_context_iterate.isra.29 (gmain.c:3747)
==21842==    by 0x7146F91: g_main_loop_run (gmain.c:3941)
==21842==    by 0x50323C4: gtk_main (gtkmain.c:1206)
==21842==    by 0x40C159: main (main.c:2395)
==21842==  Address 0x2a655ecc is 76 bytes inside a block of size 88 free'd
==21842==    at 0x4C2CCE9: free (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==21842==    by 0x714C3BE: g_free (gmem.c:190)
==21842==    by 0x7163053: g_slice_free1 (gslice.c:1112)
==21842==    by 0x2CE846B7: grl_l_callback (grl-lua-library.c:947)
==21842==    by 0x2D09B7CC: ??? (in /usr/lib64/liblua-5.2.so)
==21842==    by 0x2D0AD78C: ??? (in /usr/lib64/liblua-5.2.so)
==21842==    by 0x2D09BAC7: ??? (in /usr/lib64/liblua-5.2.so)
==21842==    by 0x2D09B13E: ??? (in /usr/lib64/liblua-5.2.so)
==21842==    by 0x2D09BD10: ??? (in /usr/lib64/liblua-5.2.so)
==21842==    by 0x2D0932D5: lua_pcallk (in /usr/lib64/liblua-5.2.so)
==21842==    by 0x2CE82C10: grl_lua_factory_source_resolve (grl-lua-factory.c:1119)
==21842==    by 0x6706D16: resolve_idle (grl-source.c:2401)
Review of attachment 280849:

You are using the set_current_operation to clean the reference on LUA_ENV_TABLE. Looks good.
Attachment 280849 pushed as 194b7ea - lua-factory: Fix use after free