This code malloc's a harp_operation_string_comparison_filter and then
directly initializes all fields aside from value. Afterwards it tries to
strdup variable_name and if that fails (due to an out-of-memory error) it
will error out and clean up the allocated struct via
string_comparison_filter_delete.
string_comparison_filter_delete does the following check on the passed in
struct where it will free the memory behind value if it's not NULL:
    if (operation->value != NULL)
    {
        free(operation->value);
    }
However, because value is not initialized yet, this code actually randomly
calls free with the uninitialized pointer value as the argument.
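The failing cleanup path can be exercised deterministically with fault injection. The following is an added example, not HARP's own code: the struct, function names and the failing dup_string helper are hypothetical stand-ins, and the 0xA5 fill models stale bytes in a reused heap chunk.

```c
#include <stdlib.h>
#include <string.h>

/* Hypothetical stand-in for the filter struct; not HARP's own definition. */
typedef struct {
    int operator_type;
    char *variable_name;
    char *value;
} string_filter;

static int allocs_until_failure = -1; /* fault injection: -1 = never fail */
static int value_frees = 0;           /* how often delete freed ->value */

/* strdup replacement that can be told to fail, to model out-of-memory. */
static char *dup_string(const char *s) {
    if (allocs_until_failure == 0) return NULL;
    if (allocs_until_failure > 0) allocs_until_failure--;
    size_t n = strlen(s) + 1;
    char *copy = malloc(n);
    return copy ? memcpy(copy, s, n) : NULL;
}

/* Same shape as the check quoted above: free value only if non-NULL. */
static void string_filter_delete(string_filter *op) {
    if (op == NULL) return;
    free(op->variable_name);
    if (op->value != NULL) { free(op->value); value_frees++; }
    free(op);
}

static string_filter *string_filter_new(int type, const char *name, const char *value) {
    string_filter *op = malloc(sizeof *op);
    if (op == NULL) return NULL;
    memset(op, 0xA5, sizeof *op);  /* model stale heap bytes from a reused chunk */
    op->operator_type = type;
    op->variable_name = NULL;      /* every pointer delete inspects is defined */
    op->value = NULL;              /* before the first call that can fail */
    if ((op->variable_name = dup_string(name)) == NULL ||
        (op->value = dup_string(value)) == NULL) {
        string_filter_delete(op);  /* safe: unset members are NULL, not garbage */
        return NULL;
    }
    return op;
}
```

Removing the `op->value = NULL;` line reproduces the reported defect: with the first duplication forced to fail, the delete function passes the 0xA5 pattern to free.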