Update of bug #66981 (group groff):
Status: In Progress => Fixed
Open/Closed: Open => Closed
Planned Release: None => 1.24.0
_______________________________________________________
Follow-up Comment #1:
commit 22b85a62d8ad339e0379c81f173b984a8b65fc3b
Author: G. Branden Robinson <[email protected]>
Date: Thu Apr 3 05:07:04 2025 -0500
[troff]: Fix Savannah #66981 (use-after-free).
* src/roff/troff/input.cpp (file_iterator::set_location)
(next_file, line_file, do_source, open_file, copy_file)
(transparent_file, do_macro_source): Stop freeing memory dynamically
allocated to store file names encountered in (and copied from) the
input document. *roff is a powerful enough language that the
lifetimes of these file name strings are highly variable, and moreover
their pointers tend to get copied into internal data structures.
Overly aggressive freeing can cause garbage to appear in lieu of file
names in backtrace reports, dumped macros, and so forth. Add comments
musing about a future approach to management of this storage.
Fixes <https://savannah.gnu.org/bugs/?66981>.
_______________________________________________________
Reply to this item at:
<https://savannah.gnu.org/bugs/?66981>
_______________________________________________
Message sent via Savannah
https://savannah.gnu.org/
signature.asc
Description: PGP signature
