Closed gOo0se closed 1 month ago
I would update the other PR instead of creating a new one. That way, we have fewer places where the discussion is spread. Does it sound good to you?
Yeah, I agree with you.
Originally PR #1007. In discussion with @alejandro-colomar, we found that groupmod -U may cause crashes because of a double free. Without -a, the first free is in gr_free_members(&grp), and the second is in gr_update without -n or gr_remove with -n.
Considering the minimal impact of modifications on existing code, delete gr_free_members(&grp) to avoid the double free.
Although this may seem reckless, the second free in two different positions will definitely be triggered, and the following two test cases can be used to illustrate the situation:
This case would free (*ogrp).gr_mem in gr_free_members(&grp) due to assignment statements grp = *ogrp, then in if (nflg && (gr_remove (group_name) == 0)), which finally calls gr_free_members(grent) to free (*ogrp).gr_mem again.

The other case would free (*ogrp).gr_mem in gr_free_members(&grp) too, then in if (gr_update (&grp) == 0), which finally calls gr_free_members(grent) too to free (*ogrp).gr_mem again.

So the first free is unnecessary, maybe we can drop it.
All test cases passed.
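The aliasing described in this PR can be modelled in isolation. This is an added example, not code from the PR or from shadow. `grp_model`, `tracked_free`, `free_members` and `run_model` are hypothetical names, and frees are quarantined instead of executed so a repeated free can be counted without undefined behaviour.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical stand-in for struct group; only the member list matters. */
struct grp_model { char **gr_mem; };

static void *quarantine[16];
static int nq, repeats;

/* Records the pointer instead of freeing it; a second sighting is a double free. */
static void tracked_free(void *p)
{
    for (int i = 0; i < nq; i++)
        if (quarantine[i] == p) { repeats++; return; }
    quarantine[nq++] = p;
}

/* Model of a member-list free: releases every string, then the array. */
static void free_members(struct grp_model *g)
{
    if (g->gr_mem == NULL) return;
    for (size_t i = 0; g->gr_mem[i] != NULL; i++)
        tracked_free(g->gr_mem[i]);
    tracked_free(g->gr_mem);
    g->gr_mem = NULL;            /* clears only this struct, not its aliases */
}

/* One groupmod-like run; returns how many pointers were freed twice. */
int run_model(int free_copy_first)
{
    struct grp_model db, grp;
    db.gr_mem = calloc(2, sizeof *db.gr_mem);   /* NULL-terminated list */
    db.gr_mem[0] = malloc(6);
    if (db.gr_mem == NULL || db.gr_mem[0] == NULL) exit(1);
    memcpy(db.gr_mem[0], "alice", 6);           /* constructed sample member */
    grp = db;                                   /* shallow copy, like grp = *ogrp */
    if (free_copy_first)
        free_members(&grp);                     /* the call the PR drops */
    free_members(&db);                          /* later release via the entry */
    int r = repeats;
    while (nq > 0) free(quarantine[--nq]);      /* real release, once each */
    repeats = 0;
    return r;
}

int main(void)
{
    printf("with early free: %d repeated frees\n", run_model(1));
    printf("without it:      %d repeated frees\n", run_model(0));
    return 0;
}
```

Setting `gr_mem` to NULL inside the free routine does not help here, because the database entry holds its own copy of the same pointer.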