Hi,

This patch avoids the heap corruption that was causing the problem
described in
<http://www.cygwin.com/ml/cygwin/2003-08/msg00364.html>.

In pwdgrp::read_group(), there is a loop to free allocated gr_mem
buffers.  That loop checks to see if gr_mem != &null_ptr, but does
not set gr_mem to &null_ptr after free() is called.  Subsequent
calls then attempt to free the same address again, corrupting the
malloc structures.

The tar test case triggers this behavior if there is no /etc
directory available, for some reason.

Dave

======================================================================
ChangeLog:
2003-08-08  David Rothenberger  <[EMAIL PROTECTED]>

        * grp.cc (read_group): Set __group32.gr_mem pointer back to
        &null_ptr after free() is called.

Index: cygwin/grp.cc
===================================================================
RCS file: /cvs/src/src/winsup/cygwin/grp.cc,v
retrieving revision 1.81
diff -u -u -p -r1.81 grp.cc
--- cygwin/grp.cc       30 Jun 2003 13:07:36 -0000      1.81
+++ cygwin/grp.cc       8 Aug 2003 18:29:44 -0000
@@ -75,7 +75,10 @@ pwdgrp::read_group ()
 {
   for (int i = 0; i < gr.curr_lines; i++)
     if ((*group_buf)[i].gr_mem != &null_ptr)
-      free ((*group_buf)[i].gr_mem);
+      {
+        free ((*group_buf)[i].gr_mem);
+        (*group_buf)[i].gr_mem = &null_ptr;
+      }
 
   load ("/etc/group");
 
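Review bot: The new assignment `(*group_buf)[i].gr_mem = &null_ptr;` inside the added braces has no comment explaining why it is needed, and because `load ("/etc/group");` follows directly after the loop, a later reader could take the reset for dead code and drop it. A one-line comment above it would help, stating that an entry may not be rewritten by the reload (the case in the message where /etc is missing) and that the next call would otherwise pass the same pointer to free() again. It is also worth confirming that nothing else keeps a copy of the freed gr_mem value between calls, since the reset only protects this one field.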
