My apologies if this is the wrong mailing list; I didn't find a better one.
The man page for TAILQ_REMOVE, etc. contains the following sample code:
while (head.tqh_first != NULL)
TAILQ_REMOVE(&head, head.tqh_first, entries);
I checked /usr/include/sys/queue.h and, sure enough, TAILQ_REMOVE
doesn't free
head.tqh_first. Nor should it-- this isn't Objective-C, after all. :-)
It should be something like:
while (head.tqh_first != NULL) {
np = head.tqh_first;
TAILQ_REMOVE(&head, np, entries);
free(np);
}
The same bug is repeated for all the data structures in this man page.
In this day and age of Java, C#, and Objective-C programmers, kids these
days
are less likely to remember to clean up after themselves. Therefore it was
particularly jarring to find this bug. Ten years ago I might have
laughed it
off. That's probably why it's been around for so long.
David
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
[Index of Archives]
[Kernel Newbies]
[Netfilter]
[Bugtraq]
[Photo]
[Stuff]
[Gimp]
[Yosemite News]
[MIPS Linux]
[ARM Linux]
[Linux Security]
[Linux RAID]
[Video 4 Linux]
[Linux for the blind]
[Linux Resources]
