[physfs] physfs corruption (double free) in hardened version
Ryan C. Gordon
icculus at icculus.org
Wed May 4 15:48:59 EDT 2011
> I have attached a test program of a bug submitter, with that physfs
> crashes, because of a double free exception, on amd64 (but not on i386).
I can't reproduce this; Valgrind reports no double free errors, and
glibc does not panic about a double-free as was indicated.
I built this on amd64 with physfs-2.0.2 and gcc "version 4.4.5
(Ubuntu/Linaro 4.4.4-14ubuntu5)", made a testdir directory and put two
dummy files in it.
gcc -O0 -ggdb3 -o bug bug.c -I.. ./libphysfs.a -lz -std=c99
bug.c correctly gets a list of the two dummy files, and then
successfully frees that list without a double-free. If I add a call to
PHYSFS_deinit() at the end, there isn't even a single memory leak in the
whole program.
Perhaps the problem is elsewhere?
(Granted, I'm not building this "hardened" ... if you give me
instructions for that, I'll try it.)
--ryan.