> On Nov 21, 2019, at 7:01 AM, Richard Hipp <d...@sqlite.org> wrote:
>
> The memset() just forces the bug to the surface in builds where the
> ckmalloc()/ckfree() routines of TCL are using caching that prevents
> valgrind/ASAN from seeing the use-after-free. The memset() is not
> part of the bug fix itself, but is a preventative measure to try to
> prevent similar bugs in the future.
This looks wrong to me:

    memset(p->pVfs, 0, sizeof(sqlite3_vfs));
    memset(p, 0, sizeof(Testvfs));
    ckfree((char *)p->pVfs);
    ckfree((char *)p);

The second line zeroes the Testvfs struct pointed to by p; the third line reads the pVfs field of the struct, which is now NULL, and then calls free() on that NULL pointer, which is a no-op. The net result is to leak the heap block pointed to by p->pVfs. Shouldn't the second and third lines be swapped?

—Jens

_______________________________________________
sqlite-users mailing list
sqlite-users@mailinglists.sqlite.org
http://mailinglists.sqlite.org/cgi-bin/mailman/listinfo/sqlite-users
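The ordering problem Jens points out, as an added C example that is not code from the SQLite tree or the message: FakeVfs and FakeTestvfs are assumed stand-ins for sqlite3_vfs and Testvfs, and counted_free stands in for ckfree() so that the leaked block becomes observable as a count.

```c
#include <stdlib.h>
#include <string.h>

/* Stand-ins for sqlite3_vfs and Testvfs (assumed shapes, only the
 * owning pointer matters for the ordering bug). */
typedef struct { int iVersion; char zName[16]; } FakeVfs;
typedef struct { FakeVfs *pVfs; int nVal; } FakeTestvfs;

/* Counts blocks actually released so the leak shows up as a number.
 * free(NULL) is a no-op, exactly like the ckfree() call in the post. */
static int nFreed;
static void counted_free(void *p) { if (p) nFreed++; free(p); }

/* Constructed input: an outer struct owning one inner block. */
static FakeTestvfs *make(void) {
  FakeTestvfs *p = calloc(1, sizeof *p);
  p->pVfs = calloc(1, sizeof *p->pVfs);
  return p;
}

/* Order as posted: the outer struct is scrubbed before p->pVfs is
 * read, so the first free sees NULL and the inner block leaks.
 * Returns the number of blocks freed: 1 of 2. */
int teardown_as_posted(void) {
  FakeTestvfs *p = make();
  nFreed = 0;
  memset(p->pVfs, 0, sizeof(FakeVfs));
  memset(p, 0, sizeof(FakeTestvfs));
  counted_free(p->pVfs);   /* p->pVfs is NULL here: no-op */
  counted_free(p);
  return nFreed;
}

/* Swapped order: release the inner block while p still points at it,
 * then scrub and release the outer one. Returns 2 of 2. */
int teardown_swapped(void) {
  FakeTestvfs *p = make();
  nFreed = 0;
  memset(p->pVfs, 0, sizeof(FakeVfs));
  counted_free(p->pVfs);
  memset(p, 0, sizeof(FakeTestvfs));
  counted_free(p);
  return nFreed;
}
```

The scrub-then-free idea is sound for catching later use-after-free; it only has to happen per block, before that block's own free and after every field it owns has been read.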