[lokisetup] [PATCH] freeing the product info

Ludwig Nussel ludwig.nussel at gmx.de
Sun Apr 18 05:53:16 EDT 2004


Stéphane Peter wrote:
> I'm a bit nervous to commit this because the last patch addressing this
> problem actually broke component installs for me. I'll try this but I've
> been using the current CVS code in a commercial product with
> post-install scripts among a bunch of platforms with no problem so far.

Pure luck. Let me reconstruct the problem. Look at
generate_uninstall; it's called by main.c:411->install.c:1505. In
install.c it does:

  1771          product = loki_openproduct(info->name);
  1772          if ( ! product ) {
  1773              product = loki_create_product(info->name, info->install_path, info->desc,
...
  1779          info->product = product;
...
  1955          loki_closeproduct(product);

which in turn does free(product);

So now info->product points to already freed memory!

Next, main.c:412 calls install_postinstall(), which in turn calls
run_script(), which calls get_optiontags_string() at install.c:1527.
And this one finally does

install.c:1669   for ( comp = loki_getfirst_component(info->product)

which is at setupdb.c:786:

product_component_t *loki_getfirst_component(product_t *product)
{
    return product->components;
}

Say hello to Mr Segfault! I suppose glibc decides to defer actually
freeing info->product, so it doesn't always crash. It crashed for me
when I compiled loki-setup on SuSE 8.1 with glibc 2.2 and ran it on
a glibc 2.3 system. You can also use valgrind; it will tell you
about illegal reads on already freed memory.

cu
Ludwig

-- 
(o_  Ludwig.Nussel at gmx.de
//\  PGP Key ID: FF8135CE
V_/_ ICQ:        52166811
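
The lifetime problem traced in this message, as an added example that is not part of the original post and is not loki-setup code: a close routine that clears the owner's stored pointer in the same step as the free, and a flow that runs once with the close before the component lookup and once after it. All type and function names (`demo_*`, `install_t`) are hypothetical stand-ins.

```c
/* Added illustration; names are hypothetical, not the loki-setup/setupdb API. */
#include <stdio.h>
#include <stdlib.h>

typedef struct component { struct component *next; } component_t;
typedef struct product { component_t *components; } product_t;
typedef struct install { product_t *product; } install_t;

/* Builds a constructed sample product holding exactly one component. */
static product_t *demo_open_product(void)
{
    product_t *p = calloc(1, sizeof *p);
    if (p && !(p->components = calloc(1, sizeof(component_t)))) { free(p); p = NULL; }
    return p;
}

/* Takes the owner's slot, not the pointer value, so the alias kept in the
 * install struct is cleared in the same step that releases the memory. */
static void demo_close_product(product_t **slot)
{
    if (!slot || !*slot) return;
    for (component_t *c = (*slot)->components, *n; c; c = n) { n = c->next; free(c); }
    free(*slot);
    *slot = NULL;
}

/* Accessor rejects a NULL product instead of dereferencing it. */
static component_t *demo_first_component(const product_t *p)
{
    return p ? p->components : NULL;
}

/* close_early=1 mirrors the reported order (close in the uninstall step, lookup
 * afterwards); close_early=0 closes after the lookup. Returns components seen. */
static int demo_install_flow(install_t *info, int close_early)
{
    int seen = 0;
    if (!(info->product = demo_open_product())) return -1;
    if (close_early) demo_close_product(&info->product);
    for (component_t *c = demo_first_component(info->product); c; c = c->next) seen++;
    demo_close_product(&info->product);   /* no-op when already closed */
    return seen;
}

int main(void)
{
    install_t info = { 0 };
    printf("early close sees %d component(s)\n", demo_install_flow(&info, 1));
    printf("late close sees %d component(s)\n", demo_install_flow(&info, 0));
    return 0;
}
```

With the early close the lookup finds nothing instead of reading freed memory; only the late close lets the post-install step see the component, so the ordering is what preserves the data.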


