fix latent bugs in ui-out.c

The destructor code in ui-out.c has a latent bug, which is hidden by
the fact that nothing uses this right now.  This patch fixes the
problem.  The bug is that we don't always clear a pointer in the
ui-out object, leading to a bad free.

2014-03-17  Tom Tromey  <tromey@redhat.com>

	* ui-out.c (clear_table, ui_out_new): Clear uiout->table.id.

diff --git a/gdb/ChangeLog b/gdb/ChangeLog
index 4e62f0c757d4ae3ffdfc5aede2bfc4a15efcd46a..8b54b59d712737c94c192ead062a8be5df8f8b29 100644 (file)
--- a/gdb/ChangeLog
+++ b/gdb/ChangeLog
@@ -1,3 +1,7 @@
+2014-03-17  Tom Tromey  <tromey@redhat.com>
+
+       * ui-out.c (clear_table, ui_out_new): Clear uiout->table.id.
+
 2014-03-17  Pierre-Marie de Rodat  <derodat@adacore.com>
 
        * ada-lang.c (decode_constrained_packed_array): Perform a

diff --git a/gdb/ui-out.c b/gdb/ui-out.c
index 2edb14050023eb972f774de1818ff4652cb492e5..63cbc6e685875359f6b7fee609bbbdeb82ffa28c 100644 (file)
--- a/gdb/ui-out.c
+++ b/gdb/ui-out.c
@@ -807,8 +807,8 @@ uo_table_header (struct ui_out *uiout, int width, enum ui_align align,
 static void
 clear_table (struct ui_out *uiout)
 {
-  if (uiout->table.id)
-    xfree (uiout->table.id);
+  xfree (uiout->table.id);
+  uiout->table.id = NULL;
   clear_header_list (uiout);
 }
 
@@ -1114,6 +1114,7 @@ ui_out_new (const struct ui_out_impl *impl, void *data,
   current->field_count = 0;
   VEC_safe_push (ui_out_level_p, uiout->levels, current);
 
+  uiout->table.id = NULL;
   uiout->table.header_first = NULL;
   uiout->table.header_last = NULL;
   uiout->table.header_next = NULL;