This is the mail archive of the
gcc-bugs@gcc.gnu.org
mailing list for the GCC project.
[Bug libfortran/68987] [5/6 Regression] double free or corruption in _gfortran_st_write_done when a write statement to an internal file uses an invalid format and the ERR= specifier appears.
- From: "jvdelisle at gcc dot gnu.org" <gcc-bugzilla at gcc dot gnu dot org>
- To: gcc-bugs at gcc dot gnu dot org
- Date: Thu, 24 Dec 2015 05:57:22 +0000
- Subject: [Bug libfortran/68987] [5/6 Regression] double free or corruption in _gfortran_st_write_done when a write statement to an internal file uses an invalid format and the ERR= specifier appears.
- Auto-submitted: auto-generated
- References: <bug-68987-4 at http dot gcc dot gnu dot org/bugzilla/>
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=68987
--- Comment #3 from Jerry DeLisle <jvdelisle at gcc dot gnu.org> ---
My guilty commit is rev 222111. Went to far on the patch for pr65089 or took
care of the needed free somewhere else
This fixes it. Testing further.
diff --git a/libgfortran/io/format.c b/libgfortran/io/format.c
index 0b00016a..2068af7e 100644
--- a/libgfortran/io/format.c
+++ b/libgfortran/io/format.c
@@ -1180,8 +1180,27 @@ format_error (st_parameter_dt *dtp, const fnode *f,
const char *message)
*p++ = '^';
*p = '\0';
- generate_error (&dtp->common, LIBERROR_FORMAT, buffer);
+ /* Cleanup any left over memory allocations before calling generate
+ error. */
+ if (is_internal_unit (dtp))
+ {
+ if (dtp->format != NULL)
+ {
+ free (dtp->format);
+ dtp->format = NULL;
+ }
+ /* Leave these alone if IOSTAT was given because execution will
+ return from generate error in those cases. */
+ if (!(dtp->common.flags & IOPARM_HAS_IOSTAT))
+ {
+ free (dtp->u.p.fmt);
+ free_format_hash_table (dtp->u.p.current_unit);
+ free_internal_unit (dtp);
+ }
+ }
+
+ generate_error (&dtp->common, LIBERROR_FORMAT, buffer);
}