mirror of
https://gitlab.gnome.org/GNOME/glib.git
synced 2024-12-25 15:06:14 +01:00
gdatetime: fix double free in format parser
If %#Z is followed by %Z then we accidentally free the tmp variable from the previous iteration of the loop a second time. Good job to the static analysis tool (probably Coverity) that found this. Fortunately it's unlikely that a realistic application would do this. I've also added a new test that crashes without the fix
This commit is contained in:
parent
1196ac7af6
commit
a893d622c0
@ -3603,7 +3603,7 @@ g_date_time_format_utf8 (GDateTime *datetime,
|
||||
if (mod_case && g_strcmp0 (mod, "#") == 0)
|
||||
tz = tmp = g_utf8_strdown (tz, -1);
|
||||
g_string_append (outstr, tz);
|
||||
g_free (tmp);
|
||||
g_clear_pointer (&tmp, g_free);
|
||||
break;
|
||||
case '%':
|
||||
g_string_append_c (outstr, '%');
|
||||
|
@ -1636,6 +1636,7 @@ test_GDateTime_printf (void)
|
||||
TEST_PRINTF ("%9", NULL);
|
||||
#ifdef G_OS_UNIX
|
||||
TEST_PRINTF ("%Z", "UTC");
|
||||
TEST_PRINTF ("%#Z %Z", "utc UTC");
|
||||
#elif defined G_OS_WIN32
|
||||
g_assert (GetDynamicTimeZoneInformation (&dtz_info) != TIME_ZONE_ID_INVALID);
|
||||
if (wcscmp (dtz_info.StandardName, L"") != 0)
|
||||
|
Loading…
Reference in New Issue
Block a user