clearlinux / cve-check-tool

Original Automated CVE Checking Tool
GNU General Public License v2.0

crash on bad pointer free #60

Closed petermarko closed 7 years ago

petermarko commented 7 years ago

Prevent crash on wrong free like this one:

ensure_table(): database is locked
*** Error in `cve-check-tool': free(): invalid pointer: 0x0000000002368838 ***

Proposed patch:

From 27bd5b6ccd107bd2b143019419725ff778ebd133 Mon Sep 17 00:00:00 2001
From: Peter Marko <peter.marko@siemens.com>
Date: Thu, 13 Apr 2017 23:09:52 +0200
Subject: [PATCH] Fix freeing memory allocated by sqlite

---
 src/core.c | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/src/core.c b/src/core.c
index 4389d9b..cfdda55 100644
--- a/src/core.c
+++ b/src/core.c
@@ -83,7 +83,7 @@ static bool ensure_table(CveDB *self)
         rc = sqlite3_exec(self->db, query, NULL, NULL, &err);
         if (rc != SQLITE_OK) {
                 fprintf(stderr, "ensure_table(): %s\n", err);
-                free(err);
+                sqlite3_free(err);
                 return false;
         }

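Review bot: the reason for the sqlite3_free(err) call in this first error branch of ensure_table() is recorded nowhere, because the commit message is a subject line only. sqlite3_exec() returns its error string in memory obtained from sqlite3_malloc(), and the SQLite documentation requires releasing it with sqlite3_free(); passing it to free() is what produced the "free(): invalid pointer" abort quoted in the report. A two-line commit body stating that, with the abort message, would make the change self-explanatory to anyone reading the log later.
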
@@ -93,7 +93,7 @@ static bool ensure_table(CveDB *self)
         rc = sqlite3_exec(self->db, query, NULL, NULL, &err);
         if (rc != SQLITE_OK) {
                 fprintf(stderr, "ensure_table(): %s\n", err);
-                free(err);
+                sqlite3_free(err);
                 return false;
         }

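Review bot: the error branch in this hunk is line-for-line the same as the ones in the first and third hunks (fprintf of err, release of err, return false), which is how one allocator mistake ended up in three places. Consider a small static helper that prints the message and calls sqlite3_free() on it, so the three call sites cannot drift apart again.
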
@@ -103,11 +103,11 @@ static bool ensure_table(CveDB *self)
         rc = sqlite3_exec(self->db, query, NULL, NULL, &err);
         if (rc != SQLITE_OK) {
                 fprintf(stderr, "ensure_table(): %s\n", err);
-                free(err);
+                sqlite3_free(err);
                 return false;
         }
         if (err) {
-                free(err);
+                sqlite3_free(err);
         }

         return true;
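
Review bot: the `if (err)` guard kept around the last sqlite3_free(err), just before `return true;`, is unnecessary. sqlite3_free() is a no-op when passed NULL, and sqlite3_exec() sets the pointer to NULL when it returns without an error, so by this point err is NULL after a successful call. The block can be reduced to an unconditional sqlite3_free(err) or dropped.
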
-- 
2.1.4

ikeydoherty commented 7 years ago

Hi, this looks good to me - could I get this in pull request form please and then I'll merge. Thanks!

petermarko commented 7 years ago

Hi, unfortunately I'm not able to push a new branch to this repository

$ git push origin fix/sqlite-free
ERROR: Permission to ikeydoherty/cve-check-tool.git denied to petermarko.