From: Corey Farrell Date: Wed, 19 Nov 2014 19:30:13 +0000 (+0000) Subject: stringfields: Fix bug in ast_string_fields_copy. X-Git-Tag: 12.8.0-rc1~29 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=f55b7ce116e8559b2acd42cc544a2b0df9c0a058;p=thirdparty%2Fasterisk.git stringfields: Fix bug in ast_string_fields_copy. ast_string_fields_copy relies on the fact that __ast_string_field_release_active never previously zeroed pool->used, so keeping the existing pointer was "ok". Now that existing pools can be reset to 'empty', it is important to set each field to __ast_string_field_empty after releasing the memory. ASTERISK-24535 #close Reported by: Corey Farrell Review: https://reviewboard.asterisk.org/r/4186/ git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/12@428272 65c4cc65-6c06-0410-ace0-fbb531ad65f3 --- diff --git a/include/asterisk/stringfields.h b/include/asterisk/stringfields.h index dc70960dc1..d0879b2baa 100644 --- a/include/asterisk/stringfields.h +++ b/include/asterisk/stringfields.h @@ -438,10 +438,11 @@ void __ast_string_field_release_active(struct ast_string_field_pool *pool_head, int __len__ = ((void *)&(copy)->__field_mgr - (void *)&(copy)->__field_mgr_pool)/__ptr_size__ - 1; \ int __len2__ = ((void *)&(orig)->__field_mgr - (void *)&(orig)->__field_mgr_pool)/__ptr_size__ - 1; \ if (__len__ == __len2__) { \ - char **__copy_head__ = (void *)&(copy)->__field_mgr_pool + __ptr_size__; \ - char **__orig_head__ = (void *)&(orig)->__field_mgr_pool + __ptr_size__; \ + ast_string_field *__copy_head__ = (void *)&(copy)->__field_mgr_pool + __ptr_size__; \ + ast_string_field *__orig_head__ = (void *)&(orig)->__field_mgr_pool + __ptr_size__; \ for (__len2__ -= 1; __len2__ >= 0; __len2__--) { \ __ast_string_field_release_active((copy)->__field_mgr_pool, __copy_head__[__len2__]); \ + __copy_head__[__len2__] = __ast_string_field_empty; \ } \ for (__len__ -= 1; __len__ >= 0; __len__--) { \ if (ast_string_field_ptr_set((copy), &__copy_head__[__len__], __orig_head__[__len__])) { \